www.jagoanssh.com Open in urlscan Pro
2606:4700:3031::6815:5f9c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://webdns.eu.org/
Effective URL:
https://www.jagoanssh.com/?do=dns
Submission: On January 30 via manual (January 30th 2022, 9:47:12 pm UTC) from US — Scanned from DE

Summary HTTP 289 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 47 IPs in 8 countries across 37 domains to perform 289 HTTP transactions. The main IP is 2606:4700:3031::6815:5f9c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.jagoanssh.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 19th 2021. Valid for: a year.

This is the only time www.jagoanssh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:4859	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700:303... 2606:4700:3031::6815:5f9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
7	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
42	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7 16	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4 8	2.20.157.55 2.20.157.55	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
5	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
9	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
2	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
3 6	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
6	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
3	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:112:f006... 2620:112:f006:bbbb::12	6336 (TURN-US-ASN) (TURN-US-ASN)
1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	199.187.193.181 199.187.193.181	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	13.224.96.83 13.224.96.83	16509 (AMAZON-02) (AMAZON-02)
4	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:1f14:d24... 2600:1f14:d24:9301:dd40:66a9:6fd6:5d1d	16509 (AMAZON-02) (AMAZON-02)
6	54.72.0.164 54.72.0.164	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4007:809::2003	15169 (GOOGLE) (GOOGLE)
289	47

1 2606:4700:3033::6815:4859 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

webdns.eu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:3031::6815:5f9c (United States)

ASN13335 (CLOUDFLARENET, US)

www.jagoanssh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.34 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.20.157.55 (Milan, Italy) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.89 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.48.214 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal900013.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.92.94.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.96.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-83.zrh50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal900026.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:d24:9301:dd40:66a9:6fd6:5d1d (Boardman, United States)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4007:809::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	725 KB
50	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 91857 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 210157	433 KB
28	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438	109 KB
26	jagoanssh.com www.jagoanssh.com	682 KB
19	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 32669 hal900013.redintelligence.net — Cisco Umbrella Rank: 317735 hal90002.redintelligence.net — Cisco Umbrella Rank: 242766 hal900026.redintelligence.net — Cisco Umbrella Rank: 216179	100 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	601 KB
11	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 3608 pixel.mathtag.com — Cisco Umbrella Rank: 1240 sync.mathtag.com — Cisco Umbrella Rank: 421	8 KB
9	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19799 api.webgains.io — Cisco Umbrella Rank: 60455	154 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	67 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	337 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	7 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 ajax.googleapis.com — Cisco Umbrella Rank: 293	37 KB
6	webgains.com track.webgains.com — Cisco Umbrella Rank: 44883	54 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	6 KB
3	awin1.com www.awin1.com — Cisco Umbrella Rank: 14385	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8028	1 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	10 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 595	1 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 175237	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	63 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	878 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 690	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770 r.turn.com — Cisco Umbrella Rank: 3243	878 B
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 250175	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1541	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 312	456 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1548	350 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 890	324 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1255	463 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 317714	409 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1056	336 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372	75 B
1	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 560	177 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	417 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1366	5 KB
1	eu.org 1 redirects webdns.eu.org	703 B
289	37

	Domain	Requested by
42	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com googleads.g.doubleclick.net www.jagoanssh.com
29	pagead2.googlesyndication.com	www.jagoanssh.com pagead2.googlesyndication.com securepubads.g.doubleclick.net efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
26	www.jagoanssh.com	www.jagoanssh.com static.cloudflareinsights.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com www.jagoanssh.com googleads.g.doubleclick.net
16	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
10	www.google.com	1 redirects www.jagoanssh.com www.gstatic.com tpc.googlesyndication.com efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com www.google.com googleads.g.doubleclick.net
9	hal9000.redintelligence.net	efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com www.jagoanssh.com hal90002.redintelligence.net hal900026.redintelligence.net
9	s0.2mdn.net	www.jagoanssh.com s0.2mdn.net efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
9	www.googletagservices.com	efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	fonts.googleapis.com	www.jagoanssh.com googleads.g.doubleclick.net hal90002.redintelligence.net hal900026.redintelligence.net
6	api.webgains.io	analytics.webgains.io
6	track.webgains.com	www.jagoanssh.com googleads.g.doubleclick.net hal900013.redintelligence.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com 5994599.fls.doubleclick.net 8019191.fls.doubleclick.net
6	securepubads.g.doubleclick.net	www.jagoanssh.com securepubads.g.doubleclick.net
5	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
5	fonts.gstatic.com	www.google.com fonts.googleapis.com
4	sync.mathtag.com	tags.mathtag.com sync.mathtag.com googleads.g.doubleclick.net
4	8019191.fls.doubleclick.net	2 redirects www.jagoanssh.com
4	hal900013.redintelligence.net	1 redirects efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com hal900013.redintelligence.net
4	efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	hal900026.redintelligence.net	hal9000.redintelligence.net hal900026.redintelligence.net
3	analytics.webgains.io	track.webgains.com
3	www.awin1.com	googleads.g.doubleclick.net
3	hal90002.redintelligence.net	hal9000.redintelligence.net hal90002.redintelligence.net
3	googleads4.g.doubleclick.net	www.jagoanssh.com
3	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	cdn.jsdelivr.net	www.jagoanssh.com
2	image6.pubmatic.com	2 redirects
2	cdn.retailads.net	1 redirects futalis.de
2	www.googletagmanager.com	adv.office-partner.de
2	ups.analytics.yahoo.com	2 redirects
2	ap.lijit.com	2 redirects
2	5994599.fls.doubleclick.net	1 redirects www.jagoanssh.com
2	adv.office-partner.de	hal900013.redintelligence.net hal90002.redintelligence.net
2	pixel.mathtag.com	tags.mathtag.com
2	www.google-analytics.com	www.jagoanssh.com www.google-analytics.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	futalis.de	hal900026.redintelligence.net
1	onetag-sys.com	1 redirects
1	ssbsync.smartadserver.com	efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	ajax.googleapis.com	hal900013.redintelligence.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	www.jagoanssh.com
1	webdns.eu.org	1 redirects
289	56

This site contains links to these domains. Also see Links.

Domain
serverssh.net
panel.jagoanssh.com
fakemail.my.id
linkconfig.com
play.google.com
facebook.com
jagoanssh.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-19` - `2022-04-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
adv.office-partner.de R3	`2022-01-06` - `2022-04-06`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.futalis.de R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2021-07-17` - `2022-07-17`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://www.jagoanssh.com/?do=dns
Frame ID: 571E9DCC96A619EA89A69CD85F14D324
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: DA5B1923B14E4973F949B85FA50D7304
Requests: 1 HTTP requests in this frame

Frame: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1927EF499D43D86A53B299F7109D48DB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq
Frame ID: 695FEB5A0AF682BD5BDEB4C4A2A3A247
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&adk=1812271804&adf=3025194257&lmt=1643579225&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=780&idt=209&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3569225387515&frm=20&pv=2&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=487
Frame ID: FB1745B1C86CAA5322A470EAF4604A8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Frame ID: 34F3269BDCBE73AFF690EB45DC090E77
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Frame ID: 325C9A87025A968B3EDBBC29755E3F32
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Frame ID: 806F7BE094C96D4A9CE1DDA408381012
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Frame ID: 28E7F4EBB3B04F733A621478BA0AC2EB
Requests: 14 HTTP requests in this frame

Frame: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 675B5278D35378BA60543E231545AD31
Requests: 12 HTTP requests in this frame

Frame: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D15CB2A891B68DAAEB3A52AE78D2DF36
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CAA595FFAFD74B709E6F7E28C6135041
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0AECD27F45EA961448CE88A19F8943C2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4
Frame ID: 423FB8D16CAA6988E79B4CF8F5EFA975
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI
Frame ID: DEEE66CFE312481046BB41678A738F2C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C411GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBM0BT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhExPiMLtk6Hb-H5q72m-X2bt_-7dtUahYcJuxzq-IECJCnyJO7C34AGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1NDM4OTk2MTc2NTkyNjYYAA&sigh=IT96SQTGi2E&uach_m=[UACH]&cid=CAQSGwCNIrLMnwsQm6HWa6VjQEB2BcY62NcOmTKllBgB&tpd=AGWhJmu2V7K1R9Y7c_08jdZw97LCdBoYJ_Odr_ph4edFSaeec5gJkh1rofzMCPhqLoJMhYUPK8wPrCDlBEW50TbSEeYntm_ffFzzhCYRj6DaRZAPSJBFBioPdPEVHJd5kTOWrREwe-f8_OoGyIBhsc2mXI4JU7LXjDWRtnG3OgePCr3p3aLHiEkTtjKGq37c_jB1GlPQmoVicPZ43I0He5XN21cYlBKhO4AC1iVlBijQBnw4CyGelONsUrT3-ndNq7vmqfovO__0GgUwR8CrsT6kDS1zFL2uI3UNxnyzwlUmWWsDD0hf1awu8xxgtZJsaAjdcqTbhvM4ZMiBmUCar3kuXwelyjP_oDRcwtO9vojwXnLU_6-Ktog6Dcg_qoOMSWxal1A4j1Z1O0Tl1tYAy9ZfgAMKzXEURbTVt3B0-scmuWWncbAYHLNNTLXpOXCesA5zVXdVo2RpLQagdolJ4p87TBI35MfgNt45Nrgb01k-hff_6mdTvG_G6TAIi45eYwWBJug0Xhte8JqYj608PE5h2yZ88Yec_A04UgcYnuNcKO2fztWw0w0PQocPu9h1_jecjD2jbOFGh2yifflLpIwUJKUtmvJ2SZh-gq6s0C-Lsqbd0lllPE0VR915ysjBLBAkl1sD23jfyB-KMczADrGjapUFCaBYBt8u9v2Ne3t2Xqay4ZwP818VWzuwwgI_rYxjQR_eZR1L9iY12jzEADOQ6u49jqWduvfsOfhV_2QVMxRGrpjYeEDoqWW9hkPboBrg4yqWIfsP6LLaNlICRNGChwxAeVu7sMYwF197Q2MSNNuKWsMCsgO13Y1gzQ40hfvf53l-UX99HA3hf1cNw3ZS6gtMsP3-aiZy8sbYyjKNhcGF0hz_y_D54NvD1Miz0rMMjtgS453iORZSUskFhEoQNmyVaWfTFD4Av0OwZkJ1f5fDHvaL93PG-r14GXLMCQVzDu_yQEYgPR6x6G731E0f2mKkbQ-hvswJlRiu_jmjGrWzfdK26rQjIf7tSt5DJH_LVwKB1qN4YAN11n7-JnhKlgzVLJSebQUr0893bdzoiGGnJfx1Y_6Hz9O30A8iRdwHRN4
Frame ID: F971CF5EB871AF17ACA6BC7A1929238C
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT
Frame ID: 94056CF71D5B42D0D80BA0139AFCF35D
Requests: 3 HTTP requests in this frame

Frame: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C8B26BFADE78A16DFBA2C3A7EAB32F1B
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B6E63A115B41FF37A910485AB72A5D31
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
Frame ID: A736C9D8C7BB12267901B9E8A5FFFA9A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4B8F7CECB30FA14ACD30360B032B1B34
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Frame ID: 49F04738AF45B4353969C5C85B01FBF7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8056A8C1458B0BAC8131CF0707454E51
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B9FD9258A46965BB80E250925B9F3D97
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: 51AEDC8A356D80F37D0527AC6A5AD758
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Frame ID: 01CE35C284AA3B074CEBD2ED12074A22
Requests: 5 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: EB48C01EABB5B3983E20B4B2FB2AE194
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496
Frame ID: CCA0E9E76DD02E13D105AD496E46FFFA
Requests: 2 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Frame ID: 01ACDCD8925693E6B70A549FB1B59D76
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: BD91AFD2FA6479F30E43A1207ABBF76E
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685
Frame ID: F50776475F588A3A158DCE961D2C6FC8
Requests: 2 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Frame ID: E990E161D5F1DDC508085F9A4C3C12FB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 506414BDB37AF6FDE41CA60A8C9D4008
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: 64D499A87280EEECCE599CF892476C56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cd7ORWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBM0BT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efzPq3yosWd6t1-JD4FBRg4_TpRbWLYchVSJizxpmoTNLI2mJaUGiIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1NDM4OTk2MTc2NTkyNjYYAA&sigh=B1zBeSa0rA0&uach_m=[UACH]&cid=CAQSOwCNIrLMZzozKNNcu_ve53PBzw3I8XOuAf_MgGC-FkM-D_zBcm95gcGBszbOMMDd2MIyQNSuzU5phSBBGAE&tpd=AGWhJmsIBw8oNEhb0EyKSfg6qxkQ1kKrHBx182qlNfrmuygUMTZOmiEhl7bz4K0acEKNqLHm6SLXKW30I7dAcvRH-zDvWNftWPT2W1sSpvheSjpTBYA2yiDS37u-1ZoHmkxNhiwfM7f2j_B5tjQae3JUX0NXkw9qNxioq4VZsTqFcZcezpBV2cyRE1-RtAYEyBhTG14RIVriLCsCR54rvZAo93P5OAHaCFQiA1BcxXax4OJqlqw0PwJNCNYvITJ0H1aK4SHrwEPc1YDwjY04CTGAHhXo5iNDin-le5BYOKw8jAdDt1KZr1QJfzrNrI3129ZVf_16tRuHw8Or2liy5Uu82cxQcYdz9k1Buj-8y8XkT_s-YSyMaRA44NHIQ9OThk_jegG0Xn4wngJhti97KydXgDGpHcpETuAnF3ueUr22Ec5LALCROTgjN7Xjjqyj47cmOP9YiKFj6lyRWhGyE8iJlBmEm0G6HOHUxR1DkX2wD5QkCXDD4R9oSfoseIRfxQGCwuGIlaFMQuBjL98Oellkj6KQ750DcZhO_jteeQOQGq0o4Vv4wSgBVQxMSN4v9w47Le36PTub-ehx5UuR_TJrfdX8vStUaG9lNSeci8c-ioH4QFUG8n44TEjxV08Zt8yJ3J3oJ1yJXZH9yI1nSI2uRNuqe5edUSVIxKuBdqfC0TCPqpICAbfCmXvii6RBPI-arOyBiM6Sd7LJnEp2EK1c3Fn0kTIjFu2ruidyx9AWsVD3NfuT8xg0RpCzjbgKbx4uCfDxvkeZjNWH-g4DWDN4JFwmpLVJd5io2bdvclcR0k8rwHfjqs_PFI5WlMTOEyzp3KlNOuxgjUHi3pXl4yGG_FTLX3OL_ecynoSi72oHNDKO4-SJ4fG4sDhs6EGSA074Wyl_fQqi_EOu4llE63rcrYGpvjBYjkXEoPohJp84wmxfqLtW_mv7CTGNcvtnyhjqrF0wAWep9AShYezJ9IyWELZ--9ZnuQ3g5AmDRPPBct3qTklUU-CBuDb5WtFplUrn0ev2nRWmKfKEQ8HMcnOWSjNcKpNxUgeMGKAFDDVTsKYI67KMWCt6BVVLaDQe0M5qDbc3
Frame ID: 04CD8F3D9E8EAC9329DC9CDEF6FF1A60
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: 6BC31ED83393A7E398106398F45E227D
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 40523219D26DA98F0B16809B6F6A5085
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: DA19BB6FAF9EBC1B2DA63ADAA2F1E116
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315
Frame ID: F5FA63FE957170F1C60F733BDF201ABE
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937
Frame ID: 977E946BCE8FFE5D592D408E834CC7DE
Requests: 2 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Frame ID: A955E3C6DD4CBBF9F20E75C1665D2CC1
Requests: 6 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=6ae361f7-0759-4801-9b9c-a4255d0a1d0b&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Frame ID: CF55A4EB04276973A84B9981BBBA7816
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7C6CA75B5AD7343B1B09743276DBC001
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FREE CREATE A DNS DOMAIN TO AN IP ADDRESS - JAGOANSSH.COM

Page URL History Show full URLs

http://webdns.eu.org/ HTTP 301
https://www.jagoanssh.com/?do=dns Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

289
Requests

94 %
HTTPS

49 %
IPv6

37
Domains

56
Subdomains

47
IPs

8
Countries

3420 kB
Transfer

8072 kB
Size

34
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://serverssh.net/?q=slow-dns
Title: Slow DNS Tunnel

Search URL Search Domain Scan URL

URL: https://serverssh.net/
Title: SERVERSSH.NET New

Search URL Search Domain Scan URL

URL: https://panel.jagoanssh.com/
Title: PREMIUM SSH VVIP

Search URL Search Domain Scan URL

URL: https://fakemail.my.id/
Title: Fake Gmail

Search URL Search Domain Scan URL

URL: https://linkconfig.com/
Title: Linkconfig.com

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=app.s.jagoanssh_com

Search URL Search Domain Scan URL

URL: https://facebook.com/jagoanssh

Search URL Search Domain Scan URL

URL: https://jagoanssh.com/
Title: Jagoanssh.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://webdns.eu.org/ HTTP 301
https://www.jagoanssh.com/?do=dns Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1

Request Chain 88

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfcHWTFfNurtjbe-4o1kHAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOz7cA0YkVpxBDpor-NXKQg&google_cver=1

Request Chain 90

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MjY1NTYxNjc1MjgyNjY3Ng%3D%3D

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1

Request Chain 92

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfcHWTFfNurtjbe-4o1kHAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIGxb-mFVUizFuy0IJ9U698&google_cver=1

Request Chain 94

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTI1MTIyMjMwMTEyOTgwMA%3D%3D

Request Chain 134

https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 187

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496

Request Chain 192

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685

Request Chain 213

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1&google_push=AYg5qPLq1MxuRLEoVyY-UlEZwbgCkbXWsf9SP2SWxZ7w4U1ms8vka-Tbec_dsDkY0ja8AExAJisK9RjHvI_DGbTxUXOp8iGB_sM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1NzM1Njg3ODU3NjkxNzI1OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1

Request Chain 215

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIqVpoC75wsCKahE5mab900&google_cver=1&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIqVpoC75wsCKahE5mab900&google_cver=1&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY&google_hm=4c1a1832a5f6f85bce99e99d

Request Chain 216

https://onetag-sys.com/sync/i,19/?google_gid=CAESEFRSYBDloDZ9HEAvXQA4clQ&google_cver=1&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI

Request Chain 218

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOrWedbDBnULT7eoHraKyGc&google_cver=1&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHCdNsU-LC2ziMa24UdNFVvDppK3s HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOrWedbDBnULT7eoHraKyGc&google_cver=1&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHCdNsU-LC2ziMa24UdNFVvDppK3s&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZ1ZHamc1RTJ1R2xlMVNZV24xOElRX1BoN0lzUU9sbH5B&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHCdNsU-LC2ziMa24UdNFVvDppK3s

Request Chain 219

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFRSYBDloDZ9HEAvXQA4clQ&google_cver=1&google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIaty1z4B0LR8EdIpsPU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_hm=google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIaty1z4B0LR8EdIpsPU

Request Chain 237

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 261

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=98481800237293200951389011855026&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315

Request Chain 263

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937

Request Chain 277

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDyL61hQSM7fE35eVycugGM&google_cver=1&google_push=AYg5qPL7n4MuBQtB_XflXd9fqG-V0RW6R1yrtmWwhR9X_LnFJ96vbf3KU8We1vGXYTDu7lAS3Og1gz35Cx1uZh0Qfns4yVNYvNN6 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDyL61hQSM7fE35eVycugGM&google_cver=1&google_push=AYg5qPL7n4MuBQtB_XflXd9fqG-V0RW6R1yrtmWwhR9X_LnFJ96vbf3KU8We1vGXYTDu7lAS3Og1gz35Cx1uZh0Qfns4yVNYvNN6&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZLiQrroSQU-xrrPK76QOPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7n4MuBQtB_XflXd9fqG-V0RW6R1yrtmWwhR9X_LnFJ96vbf3KU8We1vGXYTDu7lAS3Og1gz35Cx1uZh0Qfns4yVNYvNN6

Request Chain 278

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELWzhwyRDRCWiYGRZsyNNRY&google_cver=1&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli6tfu6Z4wm69PMU9g4-U8hs1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oxU01XRk8tNi0yUjla&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli6tfu6Z4wm69PMU9g4-U8hs1s

Request Chain 279

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1

289 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.jagoanssh.com/
Redirect Chain

http://webdns.eu.org/
https://www.jagoanssh.com/?do=dns

28 KB
9 KB

433ms
396ms

Document
text/html

2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 07c1a4ddc1ca58f5ea6870d7d12ea467068c57338ef4b40ea2e9169622c77272

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 30 Jan 2022 21:47:03 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2kba0vt%2FomPypwabXBvYW8BxidTuNNEbTWHz4fXDqXktRubtnR%2F%2FcUSZO9gTNT0YyWgzIk5IOFvKc8x25Xf8UwcfczYJplBAA7D7BV5JDodYdQLaAjexooziJg0qX4IP6H5ag2Vxw1VVKlVtbd74Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d5de5831ae99004-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sun, 30 Jan 2022 21:47:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 30 Jan 2022 22:47:03 GMT
Location: https://www.jagoanssh.com/?do=dns
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QofQmG0QldFFKrl5UV0Jq1PBCkwIh%2BgBQgsZhWMUW4mlxdFS%2F8bb74NVxXgRR0iz94eQFv5UIohFrlr%2FEzor6tdmDFMzKbKN0Go4p7bX%2B9eF%2Bz7gwBceRH8E0bi03qkl3USLv6hcjSINJgxZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6d5de582bd108fca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 142ms
50ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0489701e93e6bc91552e355d841871d22adfcecd62abcc683a04fcab616dc5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 21:34:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 21:47:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H2 200 styles-merged.css
www.jagoanssh.com/scss/css/ 236 KB
36 KB 25ms
23ms Stylesheet
text/css 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/css/styles-merged.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46c13313e4835d59e0e9bf14076cefe63b6614b96c468fc6c0cfc190b81474a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 315454
cf-polished: origSize=276442
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKvbWeOwY2jtNaA0vdbo92UfDs9LC4xmo1p980H8qBTGSdRbOpY708jQot43sbQYPWaPK102qeOEh1KV2%2BPVlduL6E57AZRTZE%2B7F8%2B5h166Hc2gRh8tQ5QAjwZxwM3PClH3tF%2FnTPKsSWSdDwZiTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de585b8ca9004-FRA
expires: Thu, 03 Feb 2022 06:09:29 GMT

GET
H2 200 style.min.css
www.jagoanssh.com/scss/css/ 27 KB
6 KB 20ms
18ms Stylesheet
text/css 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/css/style.min.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222c42671cdedbe826aaf231f6b1119d9d49adff13100d82c2cc297d086ca12f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 208567
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KegUzhY4AzIH7YJAT7jF8j%2BiEx4HbSwSDQ6lXbGqBBJ4%2FAPW40BM7KQGqzRYLl3C%2F%2B4NID%2FCUtwYCAznVvt%2B7aH%2BPPiQakinjujwC5huvX5X1DJEP%2Fhzv49%2B%2F4O%2FAgJVMQZPx1QCTyfJfITUm9jPZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de585b8cc9004-FRA
expires: Fri, 04 Feb 2022 11:50:56 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 52ms
27ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3415
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19136-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d5de585dc805c26-FRA

GET
H2 200 bootstrap.min.css
www.jagoanssh.com/scss/lib/lib/bootstrap/css/ 152 KB
24 KB 30ms
28ms Stylesheet
text/css 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/bootstrap/css/bootstrap.min.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 331127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAAztXfSugFj1ZNaQx18c53KHLAE04SHkpxKrXf172mLNHumKnYAQcdqPke%2Fus0hJ88oy7pvtwwTI9afwA9rhlH07qFcKrmx4lJzOqmVTD4fQBijuU5RY2YqHOvH0P%2BP%2BufgufTLAVCGjFVCX7hQzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de585b8ce9004-FRA
expires: Thu, 03 Feb 2022 01:48:16 GMT

GET
H2 200 style.css
www.jagoanssh.com/scss/lib/css/ 20 KB
5 KB 29ms
28ms Stylesheet
text/css 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/css/style.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fefc8f3269d15253364ace26d45d4946773d435a6f0bab3e5890b91c3cd7f58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 417259
cf-polished: origSize=26956
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BKV8%2BnT%2FzaEClXzJa%2FTP3dDSy%2BJAgLc5FpmPAyrpzb48csAQI7f47eyYxX0cJAWgG0ARuwi297cw6JApjH1NrLBgVCxC0Vsp9sYBGUUEGrYqhdLgdRgTpqOZystKJ%2BkkW6R%2BdjumMdbcaLSbrdGIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de585b8d39004-FRA
expires: Wed, 02 Feb 2022 01:52:44 GMT

GET
H2 200 font-awesome.min.css
www.jagoanssh.com/scss/lib/lib/font-awesome/css/ 30 KB
7 KB 20ms
19ms Stylesheet
text/css 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/font-awesome/css/font-awesome.min.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 286151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xm6nR%2BRGwlCy896cW0bEVYAX6018yswkfz9HV%2BQWNHz6OLTB7YSygrCl5t54tScSjzgnm1BC8geRepdxfd%2FHXswFGhmOCV5QRswZ256ZTkmNRlHCYxX%2FZyt6wCP6sZingMV%2FhAQDbq9M3qxYK16w9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de585b8d59004-FRA
expires: Thu, 03 Feb 2022 14:17:52 GMT

GET
H2 200 invisible.js Show response
www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/scripts/ 43 KB
15 KB 704ms
703ms Script
text/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7db523878d8545d790ba921ace451f96ac60cd946cd8770d37012a116cc3e8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3626NByZg9zi54cRb6YrYaOZeBbR3Ksczm0fX1aS6UCELkWLySiCCePybq3deZ8qtXt0n8a%2BrsEQFSxbELXwDdiHHoijA0ezHtFySKlOyFC8tG0PT1lxK8KLXZu8aDYYrPt3qMVHkiWRnNrVAcDbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6d5de585b8d79004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 logo.png
www.jagoanssh.com/ 3 KB
4 KB 20ms
19ms Image
image/png 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jagoanssh.com/logo.png
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c80429c52cd9db6bc35484ca9251b5717b93e77249d12d14b3d9d1d691756ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 331127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3300
last-modified: Thu, 21 May 2020 08:32:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpruxiB4IwEYSH12X9Xxb1N2GBJVorV9Pc0cuEjMVWo843UJnrMab2vvezAdMrv8LGvVHwzW83e4wJNHXhG%2FcTkwffLQ9L9zm%2BStjRRGb5ipgcgQyvN16GxyRYj3WP34gV6nhq5A0ieGbBTP0PgLyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6d5de585b8dc9004-FRA
expires: Thu, 03 Feb 2022 01:48:16 GMT

GET
H2 200 home.png
www.jagoanssh.com/negara/ 196 KB
196 KB 31ms
30ms Image
image/png 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jagoanssh.com/negara/home.png
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b06e0d559619508a6177a8e15e9b280c75fe70f53f0205a23ffcd5c05529a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 331126
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 200221
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFcnNqHnB91adYsroE9w35S6DPRSzbxsC4vUjBS3jujzhdfS9i2tp8eZMsGtA7y%2FOn51t%2FT27hqQGm6hP5oke3O9VcIqADCwBOTSk3cxDyDlYV%2FLjpsB2EUMpePC6j9fXcd0QlWpN3Ajb%2Fd6Wtr%2FyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6d5de585b8dd9004-FRA
expires: Thu, 03 Feb 2022 01:48:16 GMT

GET
H2 200 playstore.png
www.jagoanssh.com/assets/img/ 14 KB
14 KB 20ms
20ms Image
image/png 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jagoanssh.com/assets/img/playstore.png
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 331126
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13957
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTvusAO8s%2B6M5qBn0nAK%2FJ%2BtMnpN7ErhWriSKpgNduOkMVlIaJ5I00IPWrzuoTOIA%2BgF7iuSfKgJkBC8GvmSkYIpG7DJBzxJZxJaar8U4wN1SBxiVQeJvWJKIbXOYD7uM4OuxeKufaSsOuk4x73qyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6d5de585b8df9004-FRA
expires: Thu, 03 Feb 2022 01:48:16 GMT

GET
H3 200 rocket-loader.min.js Show response
www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 21ms
21ms Script
application/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Jan 2022 10:01:18 GMT
server: cloudflare
etag: W/"61f26d6e-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDGxwurxysI%2BNFIHd6ICcodyQiKWaxmWEuptEu939igb%2B941oglASULqaKQlYsq8TaYSCODIHeJMGkNTmsE%2FFU792K2QK0f6MlYZgVBAjR0e7d1L5FthSp%2BURWoJzsfu4rpLm3Y6ezwc1t49VHGwxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d5de586380e5b8c-FRA
vary: Accept-Encoding
expires: Tue, 01 Feb 2022 21:47:04 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 109ms
82ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.jagoanssh.com/
Origin: https://www.jagoanssh.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6d5de586685a92ad-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 156ms
66ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

751af7d272f028613431e3417b6ad1d44e8bd2b10c5c1f601122d1edf058262d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53059
x-xss-protection: 0
server: cafe
etag: 9712386660504255461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 132ms
48ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61689f3f8cb81a680436abea2be12be3d73e9ecd33e6b281dfb9a4600e11aead

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 144ms
53ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5cf12758deb08a462fdf37940746b9cd2cd2b4cb6464852f6c89af4107d872be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27099
x-xss-protection: 0
server: sffe
etag: "1118 / 660 of 1000 / last-modified: 1643411190"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H3 200 fontawesome-webfont.woff2
www.jagoanssh.com/scss/lib/lib/font-awesome/fonts/ 75 KB
76 KB 33ms
32ms Font
font/woff2 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/scss/lib/lib/font-awesome/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.jagoanssh.com/scss/lib/lib/font-awesome/css/font-awesome.min.css
Origin: https://www.jagoanssh.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urphRfz6Qgk2YGkEpInrNARZE6BbxxNbcxyMIvt63PKH8BoiRpspfn9GPukABLKqas0v2qffD8qywfWi3Uej8xQ6S1QgbmE7IsWFNZJGNjPOMNSyYizmSAGIImJjRi0mBW6yxJuzZLPody%2B30RskHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6d5de586a8e15b8c-FRA
expires: Wed, 02 Feb 2022 15:17:07 GMT

GET
H3 200 icomoon.ttf
www.jagoanssh.com/scss/fonts/icomoon/ 207 KB
112 KB 39ms
38ms Font
font/ttf 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/fonts/icomoon/icomoon.ttf?1z9v6x
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/scss/css/styles-merged.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d7391a8f93ff6e63fe238c1dfd7bb919404698e85e7de72534821cd91b0ff49

Request headers

Referer: https://www.jagoanssh.com/scss/css/styles-merged.css
Origin: https://www.jagoanssh.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 563847
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJ8TTZkwfwMibg4c0MdCbJKphakki7ef16DgPJCo84rtEVTCScwiHjrKq1FcPrvEX4V%2FgmZo40yvihwIhnPzxC4biwsp51VXiOIWq9pdHGwxEsuJw9p5Mg8I1Ak978rL4dGM5C6Cnou%2FSCjoEWRFTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de586a8e85b8c-FRA
expires: Mon, 31 Jan 2022 09:09:37 GMT

GET
H3 200 pica.js
www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/scripts/ 19 KB
7 KB 59ms
58ms Other
text/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4c7b236abbcddeddfe06ffef4146600d8437a6168ecc6d94aa7130bc658381

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6j%2F0XouvS1HFhv%2BuORwbYxz4mfTsR0wf3DpTCGEufNBczfyB5HTYb3tr3lk%2F7OAKPDRlNFkAp7NKMwDWD%2FLMUyIqKqmAmdBBh9vS3QT%2F%2BWlSN1aBzlM9UyNWw8p3piTPvMNfSqbkZR%2B19DsHw%2Figw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6d5de58a3ebf5b8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6132
date: Sun, 30 Jan 2022 20:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 30 Jan 2022 22:04:52 GMT

GET
H3 200 font-awesome.min.css
www.jagoanssh.com/assets/css/ 26 KB
6 KB 18ms
18ms Stylesheet
text/css 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/assets/css/font-awesome.min.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 370396
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVLCwpWl0qrCWZ4Sdv64W5wKi8eBq3s5rGyn2NGsd1hJ8WRh7jAtN%2B4Rkr4kSkLKQ8GLeXTyuxKWMRIAIJVttOeLaO1ywVzKJHHw9EulpTKVuQl4OxnVccG05aTsSSVdapNFV3rceBEFdS0T4QWR9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de58a3ec45b8c-FRA
expires: Wed, 02 Feb 2022 14:53:48 GMT

GET
H3 200 pubads_impl_2022012506.js Show response
securepubads.g.doubleclick.net/gpt/ 354 KB
119 KB 84ms
37ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122264
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 15:13:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 30 Jan 2023 21:11:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 197 B
147 B 96ms
48ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.jagoanssh.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8354ab5571ba5f27d4b26096f201e86426cb1365b53fd80fb6e91bed791dc9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122
x-xss-protection: 0
expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/ 287 KB
104 KB 115ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2bf5ae096cf3c9b078b3a3360931d86a33c7eb8e7897cb14e7f4b5e2188b4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105952
x-xss-protection: 0
server: cafe
etag: 14780350822432706883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame DA5B 10 KB
5 KB 127ms
41ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:32:23 GMT
expires: Sun, 13 Feb 2022 15:32:23 GMT
cache-control: public, max-age=1209600
age: 22481
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ 355 KB
141 KB 133ms
36ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
Origin: https://www.jagoanssh.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 20:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143285
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 20:54:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 117ms
94ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc531fa86bea442e30fdc7d547dd2e8f795c30a6366630e025fe9baaba2bb74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53059
x-xss-protection: 0
server: cafe
etag: 1510053659784789339
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H3 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 33ms
19ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3412
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d5de58a89f45bf5-FRA

GET
H3 200 fontawesome-webfont.woff2
www.jagoanssh.com/assets/fonts/ 63 KB
64 KB 19ms
19ms Font
font/woff2 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/assets/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/assets/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://www.jagoanssh.com/assets/css/font-awesome.min.css
Origin: https://www.jagoanssh.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 311361
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64464
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=305zBuuyBng5Q5tfhj45rWnL6GQ7tvqXSudFKdLYRywNKlPosxCMhimVYh5a2IDfF%2Bs19d0LF8XNd8%2BKhe2EwpwecDmAsD%2FPDdvWZ2q1MWXGoPyTNDHAlDJl7aS6yhxErHegX%2FxuiWdpF1HnCpXCPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6d5de58a8f255b8c-FRA
expires: Thu, 03 Feb 2022 07:17:43 GMT

GET
H3 200 scripts.min.js Show response
www.jagoanssh.com/scss/js/ 243 KB
76 KB 34ms
33ms Script
application/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/js/scripts.min.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1dc026afdd8a9e5885ad5f6c3ad2d233358f4490d02b26567dbaa6d609f5963

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 224042
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx834nVJEae2Hmt4Hjs45PVzKFYEB6bnw2UokmemVZJ2WqZgb%2FkQTcpUnFCzt0839YcdTquHSavNqmvSe3lW4xoPNZNa0%2BNMk3Y%2B5FUriMkoO3QqBQ9G65mvMFlh%2BzYulz6zSi9kA%2B4kwvIUGFnoQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de58acf805b8c-FRA
expires: Fri, 04 Feb 2022 07:33:02 GMT

GET
H3 200 main.min.js Show response
www.jagoanssh.com/scss/js/ 5 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/js/main.min.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c06a882621fd2557172ac1c9e65e2487e6c4b0ed9c9658472911b347451b82fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 376474
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrhqLzKV%2BaN7I0%2FkMLODf2nPYzTQugRIeQYKtk5778l6d8aDe8A0v%2FaKamF%2Fmnfh4l%2FSi3sHKURUxw089IeC4zc1N5fv4ZshxB9AXQMqWc61xUpdUcKa0RlnfBBgLlPNvQKN0lWokIRo1x8HF8HMAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de58b2fdb5b8c-FRA
expires: Wed, 02 Feb 2022 13:12:30 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 93ms
46ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1169998463&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&ul=en-us&de=UTF-8&dt=FREE%20CREATE%20A%20DNS%20DOMAIN%20TO%20AN%20IP%20ADDRESS%20-%20JAGOANSSH.COM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=141262704&gjid=450773422&cid=38563035.1643579225&tid=UA-120286388-2&_gid=2020073826.1643579225&_r=1&_slc=1&z=690551598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jagoanssh.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 140ms
45ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jagoanssh.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 125ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jagoanssh.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
19 KB 384ms
384ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2827458361515167&correlator=580329171149441&output=ldjh&impl=fifs&eid=31064561%2C21068767%2C31060890%2C31060032&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=160553881%3A22641338472%2CJagoanssh%2CMR1%2CMR2%2CSticky%2COOP&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=336x280%7C300x250%2C336x280%7C300x250%2C970x90%7C728x90%2C1x1&ists=1&cookie_enabled=1&bc=31&abxe=1&dt=1643579224881&lmt=1643579224&dlt=1643579223933&idt=925&frm=20&biw=1600&bih=1200&oid=2&adxs=632%2C-9%2C315%2C0&adys=6435%2C-9%2C1110%2C6830&adks=83614399%2C1833107731%2C2385447796%2C3823591854&ucis=1%7C2%7C3%7C4&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&vis=1&scr_x=0&scr_y=0&psz=1600x6829%7C0x-1%7C1600x-1%7C1600x6829&msz=1600x0%7C0x-1%7C1600x-1%7C1600x0&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=true&fws=4%2C2%2C516%2C4&ohw=1600%2C0%2C1600%2C1600&btvi=1%7C-1%7C0%7C2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

505832b0febadaa67469fbab3c0c6b2878db701cad5305689276528b349d0070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19421
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,5633080992
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138341717877
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1927 6 KB
4 KB 186ms
46ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 30 Jan 2022 21:47:05 GMT
expires: Mon, 30 Jan 2023 21:47:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 jquery.form.min.js Show response
www.jagoanssh.com/assets/js/ 15 KB
6 KB 17ms
17ms Script
application/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/assets/js/jquery.form.min.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa82c9b5a2c86dbc50c757299b8afa6bdbc839e83501cac455f04195af74cb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 574189
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqqMTdWnZ%2B6%2FOsu8NwjZZuXktAA7ei3pHarLT1cIu0lqRw%2FnNhJ2WZew8LgEgXjA63b%2FTa%2BXFb5SnlCNDa%2FxbTsUgyxe3udohJT0WXljxceCvmb1q1%2FLaI%2FEgqz4XmHbuvfpDDgkys3AlFWB3sSZ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de58b98775b8c-FRA
expires: Mon, 31 Jan 2022 06:17:14 GMT

GET
H2 200 ca-pub-5543899617659266 Show response
fundingchoicesmessages.google.com/i/ 89 KB
31 KB 148ms
61ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5543899617659266?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8314d8688065526d4f5842b7a571cb34a685331c7c75b2159fa60bc1657445d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uKO81RZctV4cVuiPbTw+XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-uKO81RZctV4cVuiPbTw+XA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-uKO81RZctV4cVuiPbTw+XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-uKO81RZctV4cVuiPbTw+XA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
date: Sun, 30 Jan 2022 21:47:05 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 app.min.js Show response
www.jagoanssh.com/assets/js/ 3 KB
1 KB 17ms
17ms Script
application/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/assets/js/app.min.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2026897e9821c921336dd6142e512eecd6a61efb6087bc23e37534299f0925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 460410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EiW%2BSzteetRFmqXD7ohiLOWi4cWDH9U7ISYFmINhIqwQOgSBhhuk%2F3Gjbx6Nr5Gx8TxWIm3GyoFlycIXmz9mFNcsD%2FzbsMh1xutQxerrm7Ell9DfrErtMDHKdPEPSRbrBOkuVrtlAaRia5ckRZDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de58c090e5b8c-FRA
expires: Tue, 01 Feb 2022 13:53:34 GMT

GET
H3 200 mobile-nav.js Show response
www.jagoanssh.com/scss/lib/lib/mobile-nav/ 1 KB
1 KB 15ms
15ms Script
application/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/mobile-nav/mobile-nav.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098bba5625937d07d651f3e13ba23aa1696bb92252b69e3f5a16a5b69800b0fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482389
cf-polished: origSize=1413
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lr2vDOaz9QJrN8FYG7mOqVcQWFT4P3wAARKfUWWyF91zTyB8N8L2TAV2w2%2FIfYIqLGzAv5Lwvrt16n6ykz9DtpuMtey6NNeXgNXUulRkt5tEClnXSrNrbSDWax7eNXMjowWbq3BHzsf68fEqDCk2Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de58c292e5b8c-FRA
expires: Tue, 01 Feb 2022 07:47:15 GMT

GET
H3 200 wow.min.js Show response
www.jagoanssh.com/scss/lib/lib/wow/ 8 KB
3 KB 22ms
22ms Script
application/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/wow/wow.min.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d76008b112ea700919e9ec1ef978f6c4a8d7e94ccf4594920486625d6f36486

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 224041
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7RwUd2CyYv5WTIFxXX8WiRN5tGtfQe4%2B30b6hadJANisTc70aQ9yYHBY7pxpfkX1wwzELT4Wg%2FeqQT0jI%2B%2FYS55EnIhwKdYx7uD3BBKZvzQhhAYcCk34Kk7VxHC6%2F%2BSd%2BQNksJsVmbls7PdYncsoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de58c39555b8c-FRA
expires: Fri, 04 Feb 2022 07:33:04 GMT

GET
H3 200 waypoints.min.js Show response
www.jagoanssh.com/scss/lib/lib/waypoints/ 9 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/waypoints/waypoints.min.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 376469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHTG9HbCmd931AGnK4bY%2FLNBAo6VSJbfx3%2FOe4s1zke7ZhOO16BKOp9XUWSF0soEndt08Q1z87Mr8x7t4K3KPcVI4kWStLllS%2FoJ0TyjCL0B1AmUpxT4%2Bgz8uM4Fq4R4B9Pcq3YzaJxmISZY4pOzsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de58c69935b8c-FRA
expires: Wed, 02 Feb 2022 13:12:36 GMT

GET
H3 200 main.js Show response
www.jagoanssh.com/scss/lib/js/ 2 KB
1 KB 17ms
17ms Script
application/javascript 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/js/main.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afb5c7e879c7eff34e6754095ac2607b1c7ede57ff77bee0f2a8e2eb26153b36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/?do=dns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482390
cf-polished: origSize=3840
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWTDmGK7hGRLMKwmmek8kiTzApBeMYKXt3xBWnhMwtAz1BcqkVEgV3reeO%2FPBmJIrN67QLpGNFGZx6V2T1llo8DmbaVakCjnteohiUVoJlb4xnL1WgtFwc2WYs4qTJGINGTY%2FCR2gnhzibKPwMyjRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6d5de58c99d45b8c-FRA
expires: Tue, 01 Feb 2022 07:47:15 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 95ms
51ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012506&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

455af23717de3e11bceb3a34d2f34b9084f88c31533feb1c9b515ae79beb9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 695F 41 KB
21 KB 107ms
60ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ca97650cc0f2d29d0b600f88adbda5fadb53f1126feb541913fd630dd67f44e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DqNikcpBnTq4gIpgwNXwxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Jan 2022 21:47:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-DqNikcpBnTq4gIpgwNXwxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21784
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 clickonme.js Show response
cdn.jsdelivr.net/gh/Arlina-Design/view@master/ 828 B
849 B 15ms
15ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Arlina-Design/view@master/clickonme.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7cf828a42f0727b31e76594e2ccbc4ff96963dbf366c5f11fcbade5218ba87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7029
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"33c-cw8noOA9IoPj6UknUpUlDkDwOlI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d5de58cce815bf5-FRA

POST
H3 200 rum Show response
www.jagoanssh.com/cdn-cgi/ 0
168 B 18ms
17ms XHR
text/plain 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jagoanssh.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.jagoanssh.com/?do=dns
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/json

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.jagoanssh.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6d5de58cda565b8c-FRA
vary: Origin

POST
H3 204 AGSKWxUIC0KNNnsuB_ct2aVEOviNlMegQMS8omdIh1mUts5H6gOsVWflH67MmU5sLr8M-TTTlxTfJpAjZRRWIv66dk0= Show response
fundingchoicesmessages.google.com/el/ 0
25 B 103ms
54ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUIC0KNNnsuB_ct2aVEOviNlMegQMS8omdIh1mUts5H6gOsVWflH67MmU5sLr8M-TTTlxTfJpAjZRRWIv66dk0=?pvid=2BA8A4E2-C4E3-4417-B76A-34FE6FD087AB&anonid=4CD1FD36-A5E0-4FBB-8041-240DA4064BF5

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LafblIpCQPU.es5.O/d=1/rs=AJlcJMxRtt97qCr8umF-oBux_5T1hJPIvA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HP/7C91PBJ3OiqIMAwLXKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-HP/7C91PBJ3OiqIMAwLXKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-HP/7C91PBJ3OiqIMAwLXKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-HP/7C91PBJ3OiqIMAwLXKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW8Rusv7Wevka92fWpdaVVF_pR1F2jkxRd0_qO8XPIaennubNgJRVrWZSTtVAdK2Z-oI6b6l_FSeYpLeGYV0HE= Show response
fundingchoicesmessages.google.com/f/ 42 KB
16 KB 111ms
63ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW8Rusv7Wevka92fWpdaVVF_pR1F2jkxRd0_qO8XPIaennubNgJRVrWZSTtVAdK2Z-oI6b6l_FSeYpLeGYV0HE=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNTc5MjI1LDE4NjAwMDAwMF0sIjJCQThBNEUyLUM0RTMtNDQxNy1CNzZBLTM0RkU2RkQwODdBQiIsIjRDRDFGRDM2LUE1RTAtNEZCQi04MDQxLTI0MERBNDA2NEJGNSIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLHRydWUsdHJ1ZV0sImh0dHBzOi8vd3d3LmphZ29hbnNzaC5jb20vIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f22f65bc2bc02fa5f8875914362ed1f17a464e7d1346fcbdea88d694c06158c7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B4Lz/ulJlJHiI4Gzi5GV0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-B4Lz/ulJlJHiI4Gzi5GV0Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B4Lz/ulJlJHiI4Gzi5GV0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-B4Lz/ulJlJHiI4Gzi5GV0Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
417 B 48ms
47ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.jagoanssh.com&callback=_gfp_s_&client=ca-pub-5543899617659266

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f17d4f9759d02cdcdba50495a874d33b5e9f15ab2decb05b9343d4d3357f9457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 105ms
56ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jagoanssh.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 96ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jagoanssh.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&tn=DIV&cls=cc-window%20cc-banner%20cc-type-info%20cc-theme-classic%20cc-bottom%20cc-color-override-688238583%20&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&tn=HEADER&id=header&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB17 153 KB
42 KB 662ms
614ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&adk=1812271804&adf=3025194257&lmt=1643579225&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=780&idt=209&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3569225387515&frm=20&pv=2&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=487

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac34d7b2da7b6bb92d6a8cdd6a8708bc271fa7739947be98c9a7ceb55c424acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 Jan 2022 21:47:05 GMT
server: cafe
content-length: 42668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 21:47:05 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34F3 92 KB
29 KB 772ms
728ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c55b098ddb1750a3a50709e64c3ff3adbd41597a1174b75f9dc0a6636227cac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 Jan 2022 21:47:05 GMT
server: cafe
content-length: 30138
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 21:47:05 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 325C 90 KB
31 KB 763ms
723ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c420977971d8a84ba0a82893c3eb118389dee67767141ac81cef22837dd51276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 Jan 2022 21:47:05 GMT
server: cafe
content-length: 31405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 21:47:05 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 806F 28 KB
11 KB 392ms
355ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb888f1c9732cddf69c51e3b98306455a2e2aba3cb279c6ad28e6cd9ead756c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 Jan 2022 21:47:05 GMT
server: cafe
content-length: 10754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 21:47:05 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 28E7 89 KB
30 KB 421ms
388ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aeead43a5572e3543fa56e7cd441f9ac5360c435360d7b951042ef75dfaee72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 Jan 2022 21:47:05 GMT
server: cafe
content-length: 31198
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 21:47:05 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 139ms
52ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 21:47:05 GMT

POST
H3 200 result Show response
www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/cv/ 2 B
745 B 73ms
72ms XHR
text/plain 2606:4700:3031::6815:5f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/cv/result?req_id=6d5de5831ae99004
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.jagoanssh.com/?do=dns
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTa2Ffe%2FP8IVReuEmVq1GUB9lDAa58GsSIME%2B2bzWUuAfqETL9ibFkFTGnK66zMeZ%2B%2FN%2Be5%2FqBM6GGWDquNQ0R5S17th%2BSuDwGn0IQjPT2pJqbCGasyWMTFxfoIOGQMHgR3uSUjDNmb1RnIXdlmN4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 6d5de58ebd0c5b8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H3 200 container.html Show response
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 675B 6 KB
3 KB 92ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 21:47:05 GMT
expires: Mon, 30 Jan 2023 21:47:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D15C 6 KB
3 KB 93ms
43ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 21:47:05 GMT
expires: Mon, 30 Jan 2023 21:47:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 55ms
54ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

7339a6b01e1dacaab8094bf1b1fc3edb7beda9bf32124a95c54534444f3c0caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1118 / 773 of 1000 / last-modified: 1643411190"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
25 KB 338ms
337ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2827458361515167&correlator=580329171149441&output=ldjh&impl=fifs&eid=31064561%2C21068767%2C31060890%2C31060032&vrg=2022012506&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=160553881%3A22641338472%2CJagoanssh%2CFlying_Carpet&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=pos%3DFlying_Carpet&cookie=ID%3D2bbd1114a43b817b-220e02212fcd00f2%3AT%3D1643579224%3AS%3DALNI_MZNsC6WK-rqtkF8R1W3_yj0KlI5lA&bc=31&abxe=1&dt=1643579225416&lmt=1643579225&dlt=1643579223933&idt=925&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=120&adks=2120413123&ucis=5&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H82WYOxjrHPJJG0xc6CqAK72j9pua1rgYGZs9bi-PkVVzelinh__mA9p72rPqJQNtxIGajr5o3sLcfphlYtULPAvA&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=true&fws=516&ohw=1600&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

4b94183936f0779be9ebb031e139280604f6ec14768e1660ee8b45eef5d111d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25597
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 695F 51 KB
24 KB 80ms
36ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 16:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 16:48:23 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 695F 355 KB
140 KB 79ms
36ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 20:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143285
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 20:54:16 GMT

POST
H3 204 AGSKWxWwNwsBlEWvQMTvv000jXkvyxIIrC9i0IvTubjn8KAeERlpzuYIfaWYVhte_qG-bsWYRlLOFCMrpgSTmO_Uf7sK8F6mXHdngEXobVCbv08DpRgibXKR95oC4sNtQthtfETv3jVaY8Z5I1TKsfcaUVseoWvsh3vVtD2-DYZO0hFM9NOZGnVHFkKTmGMK Show response
fundingchoicesmessages.google.com/el/ 0
25 B 51ms
51ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwNwsBlEWvQMTvv000jXkvyxIIrC9i0IvTubjn8KAeERlpzuYIfaWYVhte_qG-bsWYRlLOFCMrpgSTmO_Uf7sK8F6mXHdngEXobVCbv08DpRgibXKR95oC4sNtQthtfETv3jVaY8Z5I1TKsfcaUVseoWvsh3vVtD2-DYZO0hFM9NOZGnVHFkKTmGMK

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.U5i-7wRlUpw.es5.O/d=1/rs=AJlcJMzgK0GEEODDR_a7BQEQLv7fnF5k2w/m=iabccpawebsignalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VrueY+EJ9kwPPdyeTzszug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VrueY+EJ9kwPPdyeTzszug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-VrueY+EJ9kwPPdyeTzszug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VrueY+EJ9kwPPdyeTzszug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWalu6JXuxPCryYsAmwMLCK6ey3Du5J5MRUcd5eGkhMUpCWmv6W3GjKcZLZPmd-2jwGUaneYqxRNJns4PFDrZE3N0M2sX84lMDs7SxfhxqZt4Ti5UPzRQlEj0k71igfx2seYwzwP03WbY8mhitesURgM-okwDqkp68A7mKQVY-Du6hrdqYceksx1fkx Show response
fundingchoicesmessages.google.com/f/ 61 KB
22 KB 109ms
109ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWalu6JXuxPCryYsAmwMLCK6ey3Du5J5MRUcd5eGkhMUpCWmv6W3GjKcZLZPmd-2jwGUaneYqxRNJns4PFDrZE3N0M2sX84lMDs7SxfhxqZt4Ti5UPzRQlEj0k71igfx2seYwzwP03WbY8mhitesURgM-okwDqkp68A7mKQVY-Du6hrdqYceksx1fkx?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNTc5MjI1LDQzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDFdLCJodHRwczovL3d3dy5qYWdvYW5zc2guY29tLyIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f34dce1876f1252e49d0879d89279114caaa052e95b35315f264b632b1fcd0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z5bDSWzOoc6vdYNRtBQqtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-z5bDSWzOoc6vdYNRtBQqtw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-z5bDSWzOoc6vdYNRtBQqtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-z5bDSWzOoc6vdYNRtBQqtw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CAA5 13 KB
5 KB 89ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 21:45:31 GMT
expires: Mon, 30 Jan 2023 21:45:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0AEC 783 B
532 B 47ms
46ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

416a4175b9e9a2cd86f7ce7276d53521204b552c560aef704ee612daf654ee5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VBHutTymeTbpodbhZE9fAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 30 Jan 2022 21:47:05 GMT
date: Sun, 30 Jan 2022 21:47:05 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VBHutTymeTbpodbhZE9fAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0AEC 0
0 79ms
79ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012506&jk=2827458361515167&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 423F 624 B
300 B 50ms
50ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 30 Jan 2022 21:47:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 675B 25 KB
15 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Di874n8lNhfJ679K1jZEtbDM6gJ8fl9skZcb_FUMLW-27UVj6qcxXKs3Mjt3iodLJGUOXWrufVbsuPvP_JNiDodLaw-L9qNv3U_fVfnnfeb6Mo0Yji8g0UaSf0nSDZgDJOI_bwzeWsZtbVSX7Y8mypayvMLg&cry=1&dbm_d=AKAmf-A0Q9F3FJ3rK_vpauTBpi961ulXZlGAswKoaysLWCZWXB0ERP5xP3TkmGsf2RZddpUdbP-0zsxk3bdJyTx-ujH6dygu9dJCsNp59h6MRYKyYhS7_Muj4jNih1K8yjhynD3eBbDbOrDEWi6L8uhE1Rk6XT3ebJEtsuQ87jJXz-3P3uxCbPUeqMaMNQ1bZz_RGXu71BCEO08dl3CD93P180TBW5VcbQf3lbtSvXpkEp03K7iguGnbExlcexxO7hjhKZS1bHDTPeABUXZ5jFGfmcP1KoqaQevPQkf9Bx6deswdPZS-2l9JXGcW-1duM9oiMmELWlzKVj2nrbPsOnkPRWU972z6xSO3Jl5DHXB5y7kFL6fHoPmix7Pw3KEJRor2As-QeL-Z6JwUyVRn91qj8yoDcRBdvyeaOHRVUiQNSkJnmrxxfypB0KuoIs5gcrVRKvKdaB03uGNjdyO1ExUPCUfpxX6A2do2-E_ket5M6Xn65tJuhiCRzdUX_QEKI8GEoVs4B5Fr8tOL4kTbIHV5En7WsCT2MAl2JNN5T8R5-T4d8EPa1Tn-1F4K7tBvnC6U0yE5Z7zNTFg2JILewlPz1z5qSGW7zWv5RtsqIZiZePGiqE4WI4NWTucf5JIOh3-Cu6yiDrCFMqAy0UGE9cx2z0KMeGVr2jtLxpkLd3HN8T8hGLsaEnxxY9GBCW5KFLj4nHcB41ga1GuyrPt3MbqbeAxvfpKWctaKR-jBAWAtganEOo1P89lH_rzg_uX6vxqcagOyFL40Dr5nG492QEub4aXLdkBH3AwZfQ91Tc_7KJem9BWPD4hNZOeda-ja0IfdR5sLGyMgCoPC8YPHZJzxpD4MESAPtO6bGiGcOmSsjZ4AKmo5TXCXydRDREukMzHAw297TnY7jezDmGFLeH-7GlbF_I2br2-YGRF_qUNt7QFimF758KNJNB5sFHCOW4MS-R38uHc5KlesKd6r4NKIiuGdGTAyQuUSiyUX4EuQDLY57NIej0AcXb-kHyEKy_hHguxu-81atmtoxcNu8mZKhrQwxcoFL360Q9J1Z9VcWu9Q58bDZpy7dxnTFtsxxFs-uLPbNGeBxv-fQiBCPdWNtto8axMuNuD0POMFq3LJHvIFGn5FyL6xStsYSsUVK_AJGdfRnwRD0SAy70VCOeMeVkZqAnP4rsDK50VHgGTaVNOqEHEIhF6XqgTxhrRrj7q57hNaV9GhZUPoCdN6-LMvlucwQ4jZjRzXHOb4TrJPmwGD5TC6StqNU6m_SFH0BMpfAnHufzvsG-IEml8EeAHlNHAMwesNKg62IziOph4BVcbnUWsMjW_aDEwYZSr5DoO-dYmj7jAqX-quj_MsXLvzu2z2g4MEvcUtDArZIIouJCv--TeaAbBB07WadGKZ59S1aP41TUSfLpWC1enFwGJfed91wt4zArmvQr6dgH77tIjMnd2mehCXJMtloklYjYVUy8LCu870KbI5--ycDQgEz5UzYN6u4soSLIrAAEVB6YoTgeg6BqUiKNnNK2ccje7qvgrMOCd1fdpb8usiWV7Dl-W8ptffaCVeRqygFXMYO74oFpuY8h2CpdHz0NeLBnGfVQb8L3g0CYVXF2yvYj7BydatoIGIOuvrVqVS74wfOnXSixZDdQSv5xKuUKuEkMpkKb6x_ksJHUYgLzdTFn0uoxMg_WfyBZX_eRZhsCFJtNXJCpi-hykptrReFTWzDD9D0xMW4XfpkuKVtOklx3sYFVO-QIXzsxVnjBhfLUUi2r-cAQqJpc9ZMfqsDvxG7b2qU0T7VA9eYtzpH472jbcIMtnrh4yce5vmnEyr9z4lYA73mtdirpUUwA-KVzq-Hb3P119CrDRqeXLpJl0Q1mRs2XUIHta9xT1W8RpXIsR-O9bhBi49ybkXUzWFkdMGkO76WGnJBLv_pL6gzousSuT9cFbG6mNQhOaDwXexdIr0ZnQIdPxpKBKflSV3HPl2maTAO_cxTi0CNB85x1lEfnPEFqtx7ajP5s2obn8qAwMest2blplEtPMTpJjTRgZmPzcYjoSeOAvUHW75QykLkEnhvDdEEk5w3flO9Ohs6OKFD9NbvKWE62WiDhkVgzZPyOpD9ztCPZ_TSRPXujHXREgSNseyrb6iQgxa0f9VditlfYqhuM0_R-110IQTmMBCiV9qFS4cY4VZDiFx_iCr0kwebzr0Wzqraej6xaI3BZDEvf6WkE3I0TggIpqWHZtwUCEBbaRoLsPfkq2uvoRQ_QZ4swDjetTm5PQwTwnhZePn2FXKY5pnDy3CYBZnVWAviUzXaW23EJXcNy4QMBx53MOMkSqJr-wXBNdcQkLwpyAiumWi_g31MZt4faOaMhSXEjVwIZoYf_ceEXosiI_NWlAKR-GH-S1seabxBTdL5nWWDJu0Su6tFvo0qLcQcShRCm7kQbBNqAWZ3ymYkQ3ZOqGrZnvAzQ66MMV2gwVYlOapsLtIPl2KRi4RwB7Fwp9CHqTdbLdcRRLeaw30PwKFphcyPVb344Ws0Xt6J3clbWwbb8WcD-5WxVYH6EEVCVn4bBvhZ-3rIedzc7PpcK9B5Ddnj5bjY0dZ9fL0tW2iFLJJH7GwG7uWfZ4HwdoUrQOcnoeGAAzt9WIwDPiKRxfD5Hq9t-MN8DF9WYPxiZlvc1AG5797LcBjwa7IpnmZbsis7rZNACh0WlBxVwBKsmBA3UPJkxbUBXTKvHYZURwKlgkC_EefZtdtqkNuwHEshUHGkUDCwvKRk2hajFEmeIbGXfmne-953RFkQp_HM_4StjnPHTIVwrJFHKhN3o8rUXEHt0qY_n9zrGHCrtBaOOB528rjxEYNUa2I_-KiYbM6RjNE2g0B1VWKvKveuThKqtEZByffMKb6vukRePvP2TqcV9L8n0sAV5ZBxPMo-uLemAO8x_PGoQpIOn6YJQFRjGexj4jpDevvARf2E0tp_k7uQQRna1Mw2howp6Dk-3pthmQav0vxOyWKBJs-UodWSSaO3M0BXK-YKUwB2K8k9-qzo-RMj7lfHBrwORo-gsPKctnJ3baCTpM8d_yBM4Q3VbiFdCEzrjj_3G_8Nc6iGaIFPQtdquxnA7huiGoXMnFsDsMLoylekv5nnW6pmbLof20mFZhZ6HE5q3nP2cagxxcWAFM37-NK9ZkENMmB4dxUj1AzRAK2kXkD3FaCBUldebWZta7LmrvULe4ohIxC09lAbnPxD6HvvYQF2sOzdIiRDUYVSzF1qMugDggWPdOr6LINMNt7PWf4iy-7&cid=CAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ&rfl=1%2Chttps%253A%252F%252Fwww.jagoanssh.com%252F%240

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d80fa44808b9011edded6804b3450868a7cb22add2cb7980c09e5bc903caf60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15414
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 675B 42 B
63 B 71ms
71ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxlTRyf_ojLgQGVwMBvvI2tV9sO5_jQqMQal9nLwPPMwI9JyqZVxvdYHO-zWUhKTUuvIohtQEWtlxMsjHQvaXZZuDd6JMyJhlPNsRiPZv9N04gOBA

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 675B 2 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:43:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 675B 123 KB
38 KB 144ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 675B 14 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:44:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 675B 0
0 44ms
44ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXca6BVOgPe-tYzBjsCChpHWoGju6YEHUjeNxMly_QmjYRaBd4eTna5Byyp4soMV1fo5YsmLQqGmyO9x6Lff5TkjO2Rg
Requested by: Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DEEE 624 B
300 B 52ms
50ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 30 Jan 2022 21:47:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D15C 72 KB
30 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRQlTBL_nRkeekKDAR4k09Mz4R8Of2XAsG-xMhr2KxxF7JBYvwGCkn4VXHiNJdix8YbmnEkzgebWhG1mTbqcJtrTXZQT_quYJ4EfuvIs8ExQQ8lT_5FoNZFtqoar6tqo3wGvNfhkd9hwl4JoWHiAaw443sSQ&dbm_d=AKAmf-AR66pPfiZeyT5FWO5HMePeTnT2QHEMQspma3QC-lnvEJ0N2-POnOVBMr0rHzwHTAnVSVPTE-_HMcqQJawiQqFFX9N23g5IeyUqIhvjCF_LD5DkIqZI7-nvwPYaEE3dBHHZwIv8ZD-tX6BNl8pN8YhVwEW0suz8E-ibS5Zr-7F7BkAAOIyu7cVtxOFQLaQ_zBMEGOzYuvOECwIwwW70odJyzLwIrbPaL_PWIvgCWAV4R4w83-v5vE3d1JSETyFjhMeZn6sRVclEFjhVOUas9lls4Ka0sIaHnNFfJczVgQaLH1HdQQ_dZ_c3ZhPQ7Ysyo0r1p3nTWMrkU5vDMEB-HSWW0WXKTL_-GawhDgFCIJFj_5VkMnmol-BzNSM5eeJvQHqeP2cTxN4UZMRGMXb4yCILNNM03vTawQvxhJ-W2EHn16XZaFjMsCsTPd2Ju2jJnCwOMjeeCPgRiCWyENeDxO8NkyNll2sKnqeriWH0D-H6LnOUYCwxsUTYl8MC_5NpjyXuhh1GZqpMFTsowlrmC3K4paVbp1N5mJN1XqlTWtwMWSIB-YiryK_lJ6YTYJBN3QcuE0wOWDQLTSGwmH_ox5_XrFeUNvKgzQc4yZxAoMu27jWM4qi4ie-TLi5rcgNFtIEhDsNi6TnpkUNgvs-KZtmI3fFzbxQmFV1wrHMunwEbbTmZ3RgmQtFYV_y2vr4Wdu_-4UysDdBVS5d1G529JrW5oaDfEFOyNFWUSaPki9XEwdfAqMQW58IMYtXFpozkHC3m9T3WiRR_nuhaIpUTwKtfTrvEKRlCzxPNZ74sRLKpL-r0ONMwOS2v3Ko5KY5cmiIDIp35XYOsJp036Q4zl0AuME_NgpMicCC9u1X6MJkHsXJXS4dkOmoz0TUJrVTj5tLvWUBOwblvljhbp_csoDfZ5yIU9_RiPle0Hd-cQd5gYV_oCTQ7ZlnZOK6uI2meDeWYCOQ-YiTq2CRn7aG6w63GgER-nVCth9M4Or7HYwbMcNxRPTlXxb-X7-GjUQjDNLFcydz5wZM8hnBJqBaujgpTYyyaRzA54spg87OofLvQfaukW2mBS43aoafoJr9O0CTDF_CbvaNDsNVpXA-MDAcge2DgS9qZ8QfeYSa1I_7WEcvzMx9bCCTxeWObC__cEtfzmIGg5ZLBwPXs9lyYAwdKd7RaNQtiENkxjl7d8Q1-aSPoG4Ceu1_hG9ko_wQe2dVsfzrexNNI86WfBORbxBdN5rnnPZM2SY7PuRues3OUUj3YKiz1tgZYCRpgkv66W4IxCr4Qo2a5xU6lkxdrKtmbftwyvwpqCDVStXXDeUBWMJXXhHAof1nWpYWQxrsPfph_2mjIYnr2oa66ToaHsok94H251q4iBjjcDO-RH_-Pcbl-XEqf_CLO9XgPkj_Kzhq4AVYR59gf501JCM9rj3W9-tHYqLp4iBu97sqG5CF1tlvLz7Mcz9xqhyZQSJGX2M-Cbyvv2ZEC4B59jDwuV10nWBTrarsA0VUvLncfTKy5i16BMA3xSwe1ogi7R3EXdATQSMJMpUud9mQRy-w-rlNgivGtNd2dyW0dCjHs8O-fJQ0I5ovu9M9XcaZFVogsK4Hf4_aipjwk-hPJY8-uJo1s82mpcm-udOAw_abaMsW-2MmwCPtAV5YoA70t46duxRKqhqG38zF0mshPlTZJpNernfA-c_zLXAxlnBIg3zLBb-qyK9Gel9euZQ68CdE3M2aKRVKZmVLo1rW0_hQuPkObMUlEb1FQmpg4BJAfCSj_ij4R9KpEkkvpMVWdV4azzb702XtJDm9N4yhduK4WgP-KHaGdPNgSTzfc8s3oSFfeuJpa5xu8-_0xBS3Q_2iBV4Lq7ZaQMDXN__THHUsDXwmIYywvFIAT5bFgW8kv4wUiygYCIlWFB-N-9GJTIlg-vhDn50IfjnUf1bsbbB9eHsL8PtUn92slcImDTwdDmKqzqRwNa1bTsTDp2Rw3QYZTLNNt_u2n6OHMgJeDvy9AKh6_LcgbnZU3ITXyrBQs2C4RHO5fDRt3OKa-y1ebYSYJhOAtWTx4vaDiimuYT0sXoCUZ4r97wDgMsqRCguC4DT-AHIWjzNi8_edQjWwfmmWZdYW5fuNs7EJq5jyVZJtdcQ86SuWtO5h-RMjqd1Tzs4_YLA5pMsqCWZXdpMsnm_fV54CmXa7IAApU-wGz_BP3_IC94zhe96eRjm6hDdDscEkZ3GyyTjLZX3NWauvgFUyDQqwzmwhNe3zdaCeUlGleeQhI4zayzS4sPlW_S1t4t6DgEheAiBiXl6OMwh97Zs1qBRlhNeS1aybyw6seS9GOPYYbFja0resuBN3yM-_fWRMAw6j0vZBcq1FLpbc_3Zza03NMGAYWVpxkB_P_waQBlyYDAN_gHpoMBfMBgWcvXBbpCw7DYw09Y6m3CjbAct6RanyQVGMHYHPJvY29m0TdzGIMFtQ0L3kYqSUzzh2tsIBdc11snkCoDazJU4ZGYRgAQxxM8Guo-MaJzLNNvvtmzOfus9uPrMLu_aAyOBknSFgVjzyiIZX4f_WcqN0Z4FWu4P9dgWX2kqOw8r32itAXpuXTl9SKvNxvoBaTtPsslugkyCZkeqpmeQ9sK78qLOktzvZEgYz1CDnDjddAYjRoTVoKGDHut7b1uUGz_LFn4v5z0k7U6mtuWHWprkvDrZY59o2i6pZza7KX6t9liOEiOxTb8iQp4xR7xZmDjBrlsJoorhm05uvJNrFCYQlVNGUDWtAJ8sC0JKMPCVdPJ80lUw_edcIYXCXSYoa64xTZK1-oWJsWo0xqOPE0XEcOWjtbJaEpyAnPZrIw6sXyBz92e1jtMQ6nn2rxvn8UnKSuL9alP9GYwKkZtqT4w2kCYfXW9EaRP7C_7SFL9kX2X35NYDSXXhK8WXtFEIy3BxN3ddgS45N1iURAnDezYhogBkQ15Op-sfMCfbiXxGKfeE3-EtsHpDJIFrKwRxS7BzAlqKhfpwC4EIaeLgmBg-v8x5iioLS0ax5Efg-Jkv06MzxhkmxdpgyBr9rcGxbbveNi8Q7XWTohWugN4uvEr1wpRSOVfjhdLEvzYC45nuzzP19smJtFVgO_-j5MyC9m-Y40dWstiOQrEtqQkseqVddVRkQ5ftrXka9y2K7CmCc8_0Hm7ESrhmCEMkk81XdTKeAzMowZaonmTAMTI1cevZsvRKUR9zNnk85mgBgdZtcBFXp-tIBrLL-k3e8f9uNifbkLYv_6GS95-i8GbtPoSWOJIHmOq_fVWJr1l5PeGO2UJUDv9VrDGq0gpk7evLEW-5GUih_aOyCPCW_jBWvbN0hW0xxEKk5zRb1z&cid=CAASFeRoOcrRco18CQcp8PoC6puTR0vXTQ&rfl=1%2Chttps%253A%252F%252Fwww.jagoanssh.com%252F%240

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c8dfc5e67b17f50316f8c627d2011d95a83b834c53681e9be10dd665424fd05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30895
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D15C 42 B
63 B 72ms
70ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DitiqIW3K2VF4bE8G7dEL9LE9a33KRxziE3xZ_HFNrQPFGrwCGTd4_04rD7gAyAe8jVyeMfOAWMDkb9DwDkYm-eWBHAjkVTTZYEOddAGqRBoSTDbk

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame D15C 2 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:43:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D15C 123 KB
37 KB 188ms
96ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame D15C 14 KB
6 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:44:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D15C 0
0 44ms
44ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4Vq4HDMIrIBsuy7HJOhfSOvcxMFjils8bKFzqgjoFLKwLNAV5TYufi2iib_GWNN4zk8Y1WCQHqeC61G9aRmLdcpTVbw
Requested by: Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame CAA5 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 20:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 20:35:23 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 423F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1

43 B
894 B

30ms
30ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 Jan 2022 21:47:05 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 423F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfcHWTFfNurtjbe-4o1kHAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1

43 B
894 B

31ms
31ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 Jan 2022 21:47:05 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 423F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOz7cA0YkVpxBDpor-NXKQg&google_cver=1

43 B
1008 B

52ms
26ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOz7cA0YkVpxBDpor-NXKQg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:05 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2d23d64f-1753-4d2c-bb9e-6cadd42cac17
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOz7cA0YkVpxBDpor-NXKQg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 423F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MjY1NTYxNjc1MjgyNjY3Ng%3D%3D

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MjY1NTYxNjc1MjgyNjY3Ng%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:05 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4f353af2-9eb8-4a8d-be48-926759db0977
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MjY1NTYxNjc1MjgyNjY3Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DEEE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1

43 B
894 B

61ms
31ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 Jan 2022 21:47:05 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DEEE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfcHWTFfNurtjbe-4o1kHAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1

43 B
894 B

34ms
34ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 Jan 2022 21:47:05 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DEEE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIGxb-mFVUizFuy0IJ9U698&google_cver=1

43 B
1008 B

55ms
27ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIGxb-mFVUizFuy0IJ9U698&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:05 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f85494cd-90e9-4d3c-8564-9082b68108cb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIGxb-mFVUizFuy0IJ9U698&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DEEE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTI1MTIyMjMwMTEyOTgwMA%3D%3D

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTI1MTIyMjMwMTEyOTgwMA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:05 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 36f0e808-c667-454d-b91b-f75734411d65
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTI1MTIyMjMwMTEyOTgwMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 695F 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 695F 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 695F 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 442037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 01 Feb 2022 18:59:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 695F 15 KB
16 KB 126ms
36ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 469740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 675B 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Di874n8lNhfJ679K1jZEtbDM6gJ8fl9skZcb_FUMLW-27UVj6qcxXKs3Mjt3iodLJGUOXWrufVbsuPvP_JNiDodLaw-L9qNv3U_fVfnnfeb6Mo0Yji8g0UaSf0nSDZgDJOI_bwzeWsZtbVSX7Y8mypayvMLg&cry=1&dbm_d=AKAmf-A0Q9F3FJ3rK_vpauTBpi961ulXZlGAswKoaysLWCZWXB0ERP5xP3TkmGsf2RZddpUdbP-0zsxk3bdJyTx-ujH6dygu9dJCsNp59h6MRYKyYhS7_Muj4jNih1K8yjhynD3eBbDbOrDEWi6L8uhE1Rk6XT3ebJEtsuQ87jJXz-3P3uxCbPUeqMaMNQ1bZz_RGXu71BCEO08dl3CD93P180TBW5VcbQf3lbtSvXpkEp03K7iguGnbExlcexxO7hjhKZS1bHDTPeABUXZ5jFGfmcP1KoqaQevPQkf9Bx6deswdPZS-2l9JXGcW-1duM9oiMmELWlzKVj2nrbPsOnkPRWU972z6xSO3Jl5DHXB5y7kFL6fHoPmix7Pw3KEJRor2As-QeL-Z6JwUyVRn91qj8yoDcRBdvyeaOHRVUiQNSkJnmrxxfypB0KuoIs5gcrVRKvKdaB03uGNjdyO1ExUPCUfpxX6A2do2-E_ket5M6Xn65tJuhiCRzdUX_QEKI8GEoVs4B5Fr8tOL4kTbIHV5En7WsCT2MAl2JNN5T8R5-T4d8EPa1Tn-1F4K7tBvnC6U0yE5Z7zNTFg2JILewlPz1z5qSGW7zWv5RtsqIZiZePGiqE4WI4NWTucf5JIOh3-Cu6yiDrCFMqAy0UGE9cx2z0KMeGVr2jtLxpkLd3HN8T8hGLsaEnxxY9GBCW5KFLj4nHcB41ga1GuyrPt3MbqbeAxvfpKWctaKR-jBAWAtganEOo1P89lH_rzg_uX6vxqcagOyFL40Dr5nG492QEub4aXLdkBH3AwZfQ91Tc_7KJem9BWPD4hNZOeda-ja0IfdR5sLGyMgCoPC8YPHZJzxpD4MESAPtO6bGiGcOmSsjZ4AKmo5TXCXydRDREukMzHAw297TnY7jezDmGFLeH-7GlbF_I2br2-YGRF_qUNt7QFimF758KNJNB5sFHCOW4MS-R38uHc5KlesKd6r4NKIiuGdGTAyQuUSiyUX4EuQDLY57NIej0AcXb-kHyEKy_hHguxu-81atmtoxcNu8mZKhrQwxcoFL360Q9J1Z9VcWu9Q58bDZpy7dxnTFtsxxFs-uLPbNGeBxv-fQiBCPdWNtto8axMuNuD0POMFq3LJHvIFGn5FyL6xStsYSsUVK_AJGdfRnwRD0SAy70VCOeMeVkZqAnP4rsDK50VHgGTaVNOqEHEIhF6XqgTxhrRrj7q57hNaV9GhZUPoCdN6-LMvlucwQ4jZjRzXHOb4TrJPmwGD5TC6StqNU6m_SFH0BMpfAnHufzvsG-IEml8EeAHlNHAMwesNKg62IziOph4BVcbnUWsMjW_aDEwYZSr5DoO-dYmj7jAqX-quj_MsXLvzu2z2g4MEvcUtDArZIIouJCv--TeaAbBB07WadGKZ59S1aP41TUSfLpWC1enFwGJfed91wt4zArmvQr6dgH77tIjMnd2mehCXJMtloklYjYVUy8LCu870KbI5--ycDQgEz5UzYN6u4soSLIrAAEVB6YoTgeg6BqUiKNnNK2ccje7qvgrMOCd1fdpb8usiWV7Dl-W8ptffaCVeRqygFXMYO74oFpuY8h2CpdHz0NeLBnGfVQb8L3g0CYVXF2yvYj7BydatoIGIOuvrVqVS74wfOnXSixZDdQSv5xKuUKuEkMpkKb6x_ksJHUYgLzdTFn0uoxMg_WfyBZX_eRZhsCFJtNXJCpi-hykptrReFTWzDD9D0xMW4XfpkuKVtOklx3sYFVO-QIXzsxVnjBhfLUUi2r-cAQqJpc9ZMfqsDvxG7b2qU0T7VA9eYtzpH472jbcIMtnrh4yce5vmnEyr9z4lYA73mtdirpUUwA-KVzq-Hb3P119CrDRqeXLpJl0Q1mRs2XUIHta9xT1W8RpXIsR-O9bhBi49ybkXUzWFkdMGkO76WGnJBLv_pL6gzousSuT9cFbG6mNQhOaDwXexdIr0ZnQIdPxpKBKflSV3HPl2maTAO_cxTi0CNB85x1lEfnPEFqtx7ajP5s2obn8qAwMest2blplEtPMTpJjTRgZmPzcYjoSeOAvUHW75QykLkEnhvDdEEk5w3flO9Ohs6OKFD9NbvKWE62WiDhkVgzZPyOpD9ztCPZ_TSRPXujHXREgSNseyrb6iQgxa0f9VditlfYqhuM0_R-110IQTmMBCiV9qFS4cY4VZDiFx_iCr0kwebzr0Wzqraej6xaI3BZDEvf6WkE3I0TggIpqWHZtwUCEBbaRoLsPfkq2uvoRQ_QZ4swDjetTm5PQwTwnhZePn2FXKY5pnDy3CYBZnVWAviUzXaW23EJXcNy4QMBx53MOMkSqJr-wXBNdcQkLwpyAiumWi_g31MZt4faOaMhSXEjVwIZoYf_ceEXosiI_NWlAKR-GH-S1seabxBTdL5nWWDJu0Su6tFvo0qLcQcShRCm7kQbBNqAWZ3ymYkQ3ZOqGrZnvAzQ66MMV2gwVYlOapsLtIPl2KRi4RwB7Fwp9CHqTdbLdcRRLeaw30PwKFphcyPVb344Ws0Xt6J3clbWwbb8WcD-5WxVYH6EEVCVn4bBvhZ-3rIedzc7PpcK9B5Ddnj5bjY0dZ9fL0tW2iFLJJH7GwG7uWfZ4HwdoUrQOcnoeGAAzt9WIwDPiKRxfD5Hq9t-MN8DF9WYPxiZlvc1AG5797LcBjwa7IpnmZbsis7rZNACh0WlBxVwBKsmBA3UPJkxbUBXTKvHYZURwKlgkC_EefZtdtqkNuwHEshUHGkUDCwvKRk2hajFEmeIbGXfmne-953RFkQp_HM_4StjnPHTIVwrJFHKhN3o8rUXEHt0qY_n9zrGHCrtBaOOB528rjxEYNUa2I_-KiYbM6RjNE2g0B1VWKvKveuThKqtEZByffMKb6vukRePvP2TqcV9L8n0sAV5ZBxPMo-uLemAO8x_PGoQpIOn6YJQFRjGexj4jpDevvARf2E0tp_k7uQQRna1Mw2howp6Dk-3pthmQav0vxOyWKBJs-UodWSSaO3M0BXK-YKUwB2K8k9-qzo-RMj7lfHBrwORo-gsPKctnJ3baCTpM8d_yBM4Q3VbiFdCEzrjj_3G_8Nc6iGaIFPQtdquxnA7huiGoXMnFsDsMLoylekv5nnW6pmbLof20mFZhZ6HE5q3nP2cagxxcWAFM37-NK9ZkENMmB4dxUj1AzRAK2kXkD3FaCBUldebWZta7LmrvULe4ohIxC09lAbnPxD6HvvYQF2sOzdIiRDUYVSzF1qMugDggWPdOr6LINMNt7PWf4iy-7&cid=CAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ&rfl=1%2Chttps%253A%252F%252Fwww.jagoanssh.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:40:24 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 675B 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 695F 102 B
134 B 46ms
45ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame D15C 106 KB
38 KB 143ms
39ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
Origin: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 11:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jan 2022 11:11:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame D15C 8 KB
3 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRQlTBL_nRkeekKDAR4k09Mz4R8Of2XAsG-xMhr2KxxF7JBYvwGCkn4VXHiNJdix8YbmnEkzgebWhG1mTbqcJtrTXZQT_quYJ4EfuvIs8ExQQ8lT_5FoNZFtqoar6tqo3wGvNfhkd9hwl4JoWHiAaw443sSQ&dbm_d=AKAmf-AR66pPfiZeyT5FWO5HMePeTnT2QHEMQspma3QC-lnvEJ0N2-POnOVBMr0rHzwHTAnVSVPTE-_HMcqQJawiQqFFX9N23g5IeyUqIhvjCF_LD5DkIqZI7-nvwPYaEE3dBHHZwIv8ZD-tX6BNl8pN8YhVwEW0suz8E-ibS5Zr-7F7BkAAOIyu7cVtxOFQLaQ_zBMEGOzYuvOECwIwwW70odJyzLwIrbPaL_PWIvgCWAV4R4w83-v5vE3d1JSETyFjhMeZn6sRVclEFjhVOUas9lls4Ka0sIaHnNFfJczVgQaLH1HdQQ_dZ_c3ZhPQ7Ysyo0r1p3nTWMrkU5vDMEB-HSWW0WXKTL_-GawhDgFCIJFj_5VkMnmol-BzNSM5eeJvQHqeP2cTxN4UZMRGMXb4yCILNNM03vTawQvxhJ-W2EHn16XZaFjMsCsTPd2Ju2jJnCwOMjeeCPgRiCWyENeDxO8NkyNll2sKnqeriWH0D-H6LnOUYCwxsUTYl8MC_5NpjyXuhh1GZqpMFTsowlrmC3K4paVbp1N5mJN1XqlTWtwMWSIB-YiryK_lJ6YTYJBN3QcuE0wOWDQLTSGwmH_ox5_XrFeUNvKgzQc4yZxAoMu27jWM4qi4ie-TLi5rcgNFtIEhDsNi6TnpkUNgvs-KZtmI3fFzbxQmFV1wrHMunwEbbTmZ3RgmQtFYV_y2vr4Wdu_-4UysDdBVS5d1G529JrW5oaDfEFOyNFWUSaPki9XEwdfAqMQW58IMYtXFpozkHC3m9T3WiRR_nuhaIpUTwKtfTrvEKRlCzxPNZ74sRLKpL-r0ONMwOS2v3Ko5KY5cmiIDIp35XYOsJp036Q4zl0AuME_NgpMicCC9u1X6MJkHsXJXS4dkOmoz0TUJrVTj5tLvWUBOwblvljhbp_csoDfZ5yIU9_RiPle0Hd-cQd5gYV_oCTQ7ZlnZOK6uI2meDeWYCOQ-YiTq2CRn7aG6w63GgER-nVCth9M4Or7HYwbMcNxRPTlXxb-X7-GjUQjDNLFcydz5wZM8hnBJqBaujgpTYyyaRzA54spg87OofLvQfaukW2mBS43aoafoJr9O0CTDF_CbvaNDsNVpXA-MDAcge2DgS9qZ8QfeYSa1I_7WEcvzMx9bCCTxeWObC__cEtfzmIGg5ZLBwPXs9lyYAwdKd7RaNQtiENkxjl7d8Q1-aSPoG4Ceu1_hG9ko_wQe2dVsfzrexNNI86WfBORbxBdN5rnnPZM2SY7PuRues3OUUj3YKiz1tgZYCRpgkv66W4IxCr4Qo2a5xU6lkxdrKtmbftwyvwpqCDVStXXDeUBWMJXXhHAof1nWpYWQxrsPfph_2mjIYnr2oa66ToaHsok94H251q4iBjjcDO-RH_-Pcbl-XEqf_CLO9XgPkj_Kzhq4AVYR59gf501JCM9rj3W9-tHYqLp4iBu97sqG5CF1tlvLz7Mcz9xqhyZQSJGX2M-Cbyvv2ZEC4B59jDwuV10nWBTrarsA0VUvLncfTKy5i16BMA3xSwe1ogi7R3EXdATQSMJMpUud9mQRy-w-rlNgivGtNd2dyW0dCjHs8O-fJQ0I5ovu9M9XcaZFVogsK4Hf4_aipjwk-hPJY8-uJo1s82mpcm-udOAw_abaMsW-2MmwCPtAV5YoA70t46duxRKqhqG38zF0mshPlTZJpNernfA-c_zLXAxlnBIg3zLBb-qyK9Gel9euZQ68CdE3M2aKRVKZmVLo1rW0_hQuPkObMUlEb1FQmpg4BJAfCSj_ij4R9KpEkkvpMVWdV4azzb702XtJDm9N4yhduK4WgP-KHaGdPNgSTzfc8s3oSFfeuJpa5xu8-_0xBS3Q_2iBV4Lq7ZaQMDXN__THHUsDXwmIYywvFIAT5bFgW8kv4wUiygYCIlWFB-N-9GJTIlg-vhDn50IfjnUf1bsbbB9eHsL8PtUn92slcImDTwdDmKqzqRwNa1bTsTDp2Rw3QYZTLNNt_u2n6OHMgJeDvy9AKh6_LcgbnZU3ITXyrBQs2C4RHO5fDRt3OKa-y1ebYSYJhOAtWTx4vaDiimuYT0sXoCUZ4r97wDgMsqRCguC4DT-AHIWjzNi8_edQjWwfmmWZdYW5fuNs7EJq5jyVZJtdcQ86SuWtO5h-RMjqd1Tzs4_YLA5pMsqCWZXdpMsnm_fV54CmXa7IAApU-wGz_BP3_IC94zhe96eRjm6hDdDscEkZ3GyyTjLZX3NWauvgFUyDQqwzmwhNe3zdaCeUlGleeQhI4zayzS4sPlW_S1t4t6DgEheAiBiXl6OMwh97Zs1qBRlhNeS1aybyw6seS9GOPYYbFja0resuBN3yM-_fWRMAw6j0vZBcq1FLpbc_3Zza03NMGAYWVpxkB_P_waQBlyYDAN_gHpoMBfMBgWcvXBbpCw7DYw09Y6m3CjbAct6RanyQVGMHYHPJvY29m0TdzGIMFtQ0L3kYqSUzzh2tsIBdc11snkCoDazJU4ZGYRgAQxxM8Guo-MaJzLNNvvtmzOfus9uPrMLu_aAyOBknSFgVjzyiIZX4f_WcqN0Z4FWu4P9dgWX2kqOw8r32itAXpuXTl9SKvNxvoBaTtPsslugkyCZkeqpmeQ9sK78qLOktzvZEgYz1CDnDjddAYjRoTVoKGDHut7b1uUGz_LFn4v5z0k7U6mtuWHWprkvDrZY59o2i6pZza7KX6t9liOEiOxTb8iQp4xR7xZmDjBrlsJoorhm05uvJNrFCYQlVNGUDWtAJ8sC0JKMPCVdPJ80lUw_edcIYXCXSYoa64xTZK1-oWJsWo0xqOPE0XEcOWjtbJaEpyAnPZrIw6sXyBz92e1jtMQ6nn2rxvn8UnKSuL9alP9GYwKkZtqT4w2kCYfXW9EaRP7C_7SFL9kX2X35NYDSXXhK8WXtFEIy3BxN3ddgS45N1iURAnDezYhogBkQ15Op-sfMCfbiXxGKfeE3-EtsHpDJIFrKwRxS7BzAlqKhfpwC4EIaeLgmBg-v8x5iioLS0ax5Efg-Jkv06MzxhkmxdpgyBr9rcGxbbveNi8Q7XWTohWugN4uvEr1wpRSOVfjhdLEvzYC45nuzzP19smJtFVgO_-j5MyC9m-Y40dWstiOQrEtqQkseqVddVRkQ5ftrXka9y2K7CmCc8_0Hm7ESrhmCEMkk81XdTKeAzMowZaonmTAMTI1cevZsvRKUR9zNnk85mgBgdZtcBFXp-tIBrLL-k3e8f9uNifbkLYv_6GS95-i8GbtPoSWOJIHmOq_fVWJr1l5PeGO2UJUDv9VrDGq0gpk7evLEW-5GUih_aOyCPCW_jBWvbN0hW0xxEKk5zRb1z&cid=CAASFeRoOcrRco18CQcp8PoC6puTR0vXTQ&rfl=1%2Chttps%253A%252F%252Fwww.jagoanssh.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:39:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame D15C 23 KB
9 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:40:24 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 28E7 8 KB
888 B 90ms
45ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 20:13:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 21:47:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 28E7 1 KB
875 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:45:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F971 0
0 83ms
81ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C411GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBM0BT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhExPiMLtk6Hb-H5q72m-X2bt_-7dtUahYcJuxzq-IECJCnyJO7C34AGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1NDM4OTk2MTc2NTkyNjYYAA&sigh=IT96SQTGi2E&uach_m=[UACH]&cid=CAQSGwCNIrLMnwsQm6HWa6VjQEB2BcY62NcOmTKllBgB&tpd=AGWhJmu2V7K1R9Y7c_08jdZw97LCdBoYJ_Odr_ph4edFSaeec5gJkh1rofzMCPhqLoJMhYUPK8wPrCDlBEW50TbSEeYntm_ffFzzhCYRj6DaRZAPSJBFBioPdPEVHJd5kTOWrREwe-f8_OoGyIBhsc2mXI4JU7LXjDWRtnG3OgePCr3p3aLHiEkTtjKGq37c_jB1GlPQmoVicPZ43I0He5XN21cYlBKhO4AC1iVlBijQBnw4CyGelONsUrT3-ndNq7vmqfovO__0GgUwR8CrsT6kDS1zFL2uI3UNxnyzwlUmWWsDD0hf1awu8xxgtZJsaAjdcqTbhvM4ZMiBmUCar3kuXwelyjP_oDRcwtO9vojwXnLU_6-Ktog6Dcg_qoOMSWxal1A4j1Z1O0Tl1tYAy9ZfgAMKzXEURbTVt3B0-scmuWWncbAYHLNNTLXpOXCesA5zVXdVo2RpLQagdolJ4p87TBI35MfgNt45Nrgb01k-hff_6mdTvG_G6TAIi45eYwWBJug0Xhte8JqYj608PE5h2yZ88Yec_A04UgcYnuNcKO2fztWw0w0PQocPu9h1_jecjD2jbOFGh2yifflLpIwUJKUtmvJ2SZh-gq6s0C-Lsqbd0lllPE0VR915ysjBLBAkl1sD23jfyB-KMczADrGjapUFCaBYBt8u9v2Ne3t2Xqay4ZwP818VWzuwwgI_rYxjQR_eZR1L9iY12jzEADOQ6u49jqWduvfsOfhV_2QVMxRGrpjYeEDoqWW9hkPboBrg4yqWIfsP6LLaNlICRNGChwxAeVu7sMYwF197Q2MSNNuKWsMCsgO13Y1gzQ40hfvf53l-UX99HA3hf1cNw3ZS6gtMsP3-aiZy8sbYyjKNhcGF0hz_y_D54NvD1Miz0rMMjtgS453iORZSUskFhEoQNmyVaWfTFD4Av0OwZkJ1f5fDHvaL93PG-r14GXLMCQVzDu_yQEYgPR6x6G731E0f2mKkbQ-hvswJlRiu_jmjGrWzfdK26rQjIf7tSt5DJH_LVwKB1qN4YAN11n7-JnhKlgzVLJSebQUr0893bdzoiGGnJfx1Y_6Hz9O30A8iRdwHRN4

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 30 Jan 2022 21:47:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame F971 2 KB
2 KB 80ms
34ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RGa00yUTBNalF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDkyNTA2NDExMTcyMTA4OTIvNjYyMjMyOC80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1pZd1l0aUd1dWZ0bmV5RXBOemFJYy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjQ5MjUwNjQxMTE3MjEwODkyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNS8xNjQzNTkxODI1LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/NBXyvnH37oF_s8iNoB4feMVBCfg&nodeid=355&group=cdg&auctionid=6249250641117210892&shardkey=6249250641117210892&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%26client%3Dca-pub-5543899617659266%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.0 /
Resource Hash: 6de40905de741f102a7901a3e62cfbd9424555aa62d247ad8d68ec266d5dd92a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:05 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1643579225
Last-Modified: Sun, 30 Jan 2022 21:47:05 GMT
Server: MMBD/3.300.0
x-mm-latency: 22 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x39, cdg-bidder-x52
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F971 2 KB
1 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:43:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F971 123 KB
37 KB 97ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F971 14 KB
6 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:44:05 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 28E7 18 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:45:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 28E7 2 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:43:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28E7 123 KB
37 KB 111ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 28E7 14 KB
6 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:44:05 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame 28E7 27 KB
11 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 16:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 16:51:03 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9405 7 KB
1 KB 57ms
56ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90c5e879a6bb719bd591edb94ed0a04539f91b5055a274575a38f7e14fb776d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pP/QE1T+5+g1gR2B2bfvqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Jan 2022 21:47:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-pP/QE1T+5+g1gR2B2bfvqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11208049994575907339/ Frame 28E7 37 KB
37 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11208049994575907339/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66f813da14d17d7228fde504ae1e7f073d14876cd92f51abd3d8fe4cc5edf5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:13:47 GMT
x-content-type-options: nosniff
age: 1998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37605
x-xss-protection: 0
last-modified: Fri, 12 Jul 2019 16:33:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 30 Jan 2023 21:13:47 GMT

GET
DATA 200
OK truncated
/ Frame 28E7 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 28E7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 container.html Show response
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C8B2 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 21:47:05 GMT
expires: Mon, 30 Jan 2023 21:47:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 28E7 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWGijWQf3YfTMEY2IxdwP5MmC2AeB2aCwXKTkstW2DZCDhZ4LEAEguqTUZWCV4pCCoAegAdOc-L0DyAEJqQLm-aeNeXpLPqgDAcgDywSqBNQBT9BdTddFcVAHSdNz3B8Z29q2U8IOw4XH2Qkn1GV5Ewjh1asP66BD62o5pk3C2F5Up381L0kaD27Xwvgqek61-ndWNyj5Flt62T-sBEof0heldTIS5IfvgnQ1HkN6gOp7DFSxMfale_9p8tz0RlKBySGWqOko5XLvxLbEQRU2q5nP6-Fvxj0wG7BlHNwfwmsBCL3AjFNMv0HKEuwzSxAunEZsQ7v4cet4TcbD2NjW3n1_7t16NoWh5HPerrZFEAxVyPz07ulf5xu5Jxv9yIXA2peQNw3ABKHu54uKAZIFBAgEGAGSBQQIBRgEoAYugAeV44dCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ6aYF0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NTQzODk5NjE3NjU5MjY2GAA&sigh=XzFctByBU3c&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 30 Jan 2022 21:47:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B6E6 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 101711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 4as54di69f4s Show response
hal9000.redintelligence.net/zone/ Frame 675B 11 KB
4 KB 47ms
12ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4as54di69f4s?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D
Requested by: Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e76ce1a225599c0b17c4a4c4b3b49bb0afdaa2b7e0bc7581ec5b9f524c8c5857

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:05 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3968
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D15C 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
DATA 200
OK truncated
/ Frame D15C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ebfc313a59d63927ed3d9c43d2210ff5594f2cbaf95137faf804b139b343bb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CAA5 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qPU4KQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK h78o6ojw9z7r Show response
hal9000.redintelligence.net/zone/ Frame F971 11 KB
4 KB 34ms
12ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=6249250641117210892&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWQAFanYKsuFIagye6Q%26mt_aid%3D6249250641117210892%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 1c02a93417c62551493ed97235c99ef7b6ebd49f04e97005be613fdccfd98294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:05 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3425
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame F971 49 B
329 B 53ms
30ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6249250641117210892&node_id=355&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RGa00yUTBNalF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDkyNTA2NDExMTcyMTA4OTIvNjYyMjMyOC80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1pZd1l0aUd1dWZ0bmV5RXBOemFJYy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjQ5MjUwNjQxMTE3MjEwODkyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNS8xNjQzNTkxODI1LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/NBXyvnH37oF_s8iNoB4feMVBCfg&nodeid=355&group=cdg&auctionid=6249250641117210892&shardkey=6249250641117210892&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:05 GMT
Server: MMBD/3.300.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x76, cdg-bidder-x52
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame F971 43 B
404 B 101ms
39ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6249250641117210892&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RGa00yUTBNalF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDkyNTA2NDExMTcyMTA4OTIvNjYyMjMyOC80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1pZd1l0aUd1dWZ0bmV5RXBOemFJYy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjQ5MjUwNjQxMTE3MjEwODkyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNS8xNjQzNTkxODI1LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/NBXyvnH37oF_s8iNoB4feMVBCfg&nodeid=355&group=cdg&auctionid=6249250641117210892&shardkey=6249250641117210892&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:05 GMT
Server: MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame F971 49 B
329 B 59ms
35ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6249250641117210892&st=4562306&time=1643579225&nodeid=355
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RGa00yUTBNalF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDkyNTA2NDExMTcyMTA4OTIvNjYyMjMyOC80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1pZd1l0aUd1dWZ0bmV5RXBOemFJYy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjQ5MjUwNjQxMTE3MjEwODkyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNS8xNjQzNTkxODI1LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/NBXyvnH37oF_s8iNoB4feMVBCfg&nodeid=355&group=cdg&auctionid=6249250641117210892&shardkey=6249250641117210892&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:05 GMT
Server: MMBD/3.300.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x66, cdg-bidder-x52
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 30 Jan 2022 21:47:04 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 9405 51 KB
24 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 16:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 16:48:23 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 9405 355 KB
140 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 20:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143285
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 20:54:16 GMT

GET
H/1.1

200
OK

request.php Show response
hal900013.redintelligence.net/ Frame 675B
Redirect Chain

https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

133ms
91ms

Script
application/x-javascript

116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 879644896c5fdb364366c5efbf1cb7981527397b0f1455ae7fc4231b3c7061a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 39428600313163300757589011855013
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 955
Expires: Sun, 30 Jan 2022 21:47:06 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 30 Jan 2022 21:47:05 +0100

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16313028207426076408/ Frame A736 4 KB
2 KB 96ms
49ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16313028207426076408/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edea4757f61c1a939af7dbe2a2c9cee16982c870a7ffe110948ae01503a7150b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1545
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 27 Jan 2022 15:24:32 GMT
expires: Fri, 27 Jan 2023 15:24:32 GMT
cache-control: public, max-age=31536000
age: 282153
last-modified: Mon, 28 Jun 2021 14:58:17 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D15C 0
61 B 185ms
87ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoJN8wbKVy-iuLDPqxtTFSB7id-kJkuiGzYMJ0TqWY4B9M2f2an0miqdrJOidA33afmjNz1rJSKhz6hgPYfJ1syebXvAHzB8ol9nEy2azPAJhOm8x_lx8VrGctevGh6dYO-AqRWWf3F8LphjAbrjzir7L4YkjcjclvAHAphW3Yn3L37-uQR7KZLFRHNVwfUJmwMr7bdR13nyA2xzHVSZyoRTPFOk5o5jhd_hpRP2KgQBAxB6galIYIhR0MZ4jZZf0W0a6yGhpITm44h6vm04NB2kEOEZJbNGgsJ-U0fCNCtEvTK6-2h67Pbk748eu0RdG4LDmSLQEms3ZWPK4uizT4pXJ7EGkqf3c6Zi8hWaZ9s4bbO2p5g0pnNIedqWPhxouup2HUS9WIL9jwCDzhXTxFwJRE2gYbprGiXZyfvdJGGDQwUQbJG4yWj-UZsmxheDhuAz5qAwx1jJviEh5hxi77qBIkgH7YfS7Xgy9ByRTZL1hPPYOf7CGqwmmtz2XD_28BvSngT32Bylg0Gndy9tScsKwKHTf5ftK510TpCxUPliiUi2tiF0UG0ldxRqvD6uhEWnFpZN1KT-zwtvROfsH79hb2nAbCBFC71ZmXbZWXvo-dsLoqs1HqwNYhYPqxqnU3d9z8OjktN8L61j4DECQB4Ez14IVECFDL3WqRWuqB5FsQ1RTOCzO0K8ma8v5f3XeSwl1KZweSbWvbO-7k41o-DNTePfNHNE8aJin8hcPZr_wAJkMGzPbSgv2xmnptuNa029EOX1s2NJYMQjExefnoN8a5QWjIl0b6FTNacHAz2hasmWZc1on_fvIx0uTRkw9DAVZU5tQlY1ApsUCknuTnkFhzZfW5lgE0uy33SH9DKBAVco8YRsrlhFh1ku_GSmNCCyXucY3A5T90Jn6o3WxAu4OsM7by-rEP0Mk8UHSD1iTrjKAgKsa-dHfk_U2AjBGxUzhQ86r3OygTRXJw2aHvS3quS4MwW8cDZgVL5qsJbuZr6JpCD0hQkXC4rg7Qpu_xJFQzSR0xSrTsuI045P0v5orayISvjSrx8b5rPWdw_xw_A4pG1IdICYNXEnY75lvJM0Hx26Wy4Is9ua1vwDOYbG5jLm4cmrKP6lPKqS50F4eDL6LoVARyQ7IGgOFh-d68is2hO7V6qNDLbJu1ZT3ImYQ0-slOWn9movg8h9LSm5V006c4hLIxesU1iDjKVdS3Rdlnv2SRt7WnsgCu&sai=AMfl-YR7QQTDdTe7aqNOmubpV6ElwKVqFdAtlOl1WjDN_HDVwuGmLoeQ32L5Lic0cRckjMLKWnn1FXQSL6j_VIiZoss5ipDGCmQagCF_IxrAx4vcGKfY98PKKtRu5qzli5b5333ORTn8GXD94DtronL8e8EFP4UL7P_vDhr1TP0&sig=Cg0ArKJSzFpUu6_j1lUTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=232&cbvp=1&cstd=229&cisv=r20220126.70559&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 30 Jan 2022 21:47:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C8B2 0
0 180ms
86ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnCx7PK43KMlijCZcPHIeutNlw78-w2lrt2VWzXt4_RGERwects6tLtC2rgNLMLLzy4hq56wX06d6ORj8G-97V6ndrpBiRlnpTQJks9lSOCdv2OvdovOv7rwyZPxFKlhDNxEVhhTOKr2t2OK7NPS9FtE1O8RtE8CEtpLfrqN6I44ul4HE7sjs922fwG7dmuAbHX8wSc_SBUvEy0ha_ThKcgNOEl3R-C8DhtrpuhUeFemc51ekQMegcm3fSlwFSPHrAqGEEcN7WCivaaWFY6T_p3du9ujw3Nrmr-jBjRTEidShYe8GVwDJ9IBKDCocfsZt-8KI07c9gHMqo48fmkC60I8yIeWxdbbhHiU-ug2ia4QOWRCh3utG2__MFSZZCu_oI6mBErUtmCTHUY6McXmKvk_iaq8KGUlk_aWByRYYUTHRkTAWVH-PdSeX_bVRQNWx_azIZBIjmor93D89FQnqxodvOtYiBHX7n9Re5LqfcMz8TxovhRPFjq5HtTqZGur3GZjAcWBsUbQbbL1RURs4P4O6ho6V55TCbNxFGMb2DX55-pBnPgDgG_-gz9huIfRijAzUfHm9rS14TkNylrn-kmAukoC8Si7bRMBSfNtxMbMPaFkRif4MFjMOvVb21gyz-_KbM4l7IEe5xLGcLUnBLYIwNpMOrUTm1ONQflnq0nN_YlNahi0o4oOq-w-ijW54IRO_I8vesdbG_M96t1w5lBp7FTUuCc71gn069PPllVa-1hl1rbiN7pa2x_8VeAiYB7RDSs9tunyanwUt-qFeGQgH7n99bAwAAtHuADe9xnf2WibxEu2lBRlCtsQKKPdgL27tub-VblwB3S9hkwd8UV4iL-Md9Be3QLdtL4kQd72mq3dCNECyDf8jHIQkvsbbOzkRwdnJxfYkNmaUiNPqKJ18mdKr4jKYvFTczhqo2d011XZchVjs9TkddCxsZZECGcrl0eaAKxgY4L4oPcCpinCNQq32uOJ5TegdxgBSG8P947wMOcBw8h_rHOE0CuGqeCa1UBY-xjfRY_b9DyG97b2GTiEvu1G-uAicQgvGhNUZ23J6CmCc4w9yp-_YUz4NJrDs98aqlb6bxm5hyUMirYyrv-V7fyNo_HS1IX4QReqjvqEJ3kwM&sai=AMfl-YS1VVCx_xR-P6HLnOUSwqznkyPFNZs-eKkwrO182HdRTXf9wq53vUPcTA&sig=Cg0ArKJSzJVl5cGdgJKAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 30 Jan 2022 21:47:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C8B2 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame C8B2 31 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

511543d9bdbb348ca15de71f0e2a6848c97d7620c4357543f24c923b0fab80fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12848
x-xss-protection: 0
server: cafe
etag: 11198992762603823889
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:43:48 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame C8B2 2 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:43:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8B2 123 KB
37 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame C8B2 14 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:44:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C8B2 0
0 45ms
44ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyflyViG9hB1v2-6lsVrY-ATLMXTWydRvirh2XcVg0lKd6QWbF-gY6NwcO8fVB2cyMnjM7lSc7mPuQE3yfQmHEI2Wsbw
Requested by: Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame C8B2 18 KB
7 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:45:52 GMT

GET
H3 200 1699561234219870365
s0.2mdn.net/simgad/ Frame C8B2 20 KB
20 KB 89ms
49ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1699561234219870365

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cee9118aab4a91f88c194ade05a1b2be68b66b2ce2dcc2cb5ca081ad39269ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:01:25 GMT
x-content-type-options: nosniff
age: 531940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20161
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 22:12:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 18:01:25 GMT

GET
DATA 200
OK truncated
/ Frame 28E7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9c59ad15fb8a4c919e6f16557d181e93eeb3210498495e8b6b345e0dd043ba1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4B8F 22 KB
8 KB 49ms
48ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 101711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 28E7 28 KB
28 KB 103ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:12:51 GMT
x-content-type-options: nosniff
age: 444855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:12:51 GMT

GET
H/1.1 200
OK request.php Show response
hal90002.redintelligence.net/ Frame F971 4 KB
2 KB 149ms
89ms Script
application/x-javascript 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=0cc31b57b5&subid=&uid=232ffe604bb250b5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWQAFanYKsuFIagye6Q%26mt_aid%3D6249250641117210892%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D280%26slotname%3D3821705765%26adk%3D1128998514%26adf%3D2302661348%26pi%3Dt.ma~as.3821705765%26w%3D429%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579225%26rafmt%3D1%26psa%3D0%26format%3D429x280%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579224712%26bpp%3D1%26bdt%3D779%26idt%3D259%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1110x280%26nras%3D1%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D586%26ady%3D3668%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3DrkccTyVlmn%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D499&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.jagoanssh.com&random=1433280457024&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=6249250641117210892&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWQAFanYKsuFIagye6Q%26mt_aid%3D6249250641117210892%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 1d1aaffff8c70f7fa910784f6da780b400bf1ce37123186c01bf2cf251b89743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 64789300300784500951407011855002
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1255
Expires: Sun, 30 Jan 2022 21:47:06 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012506&jk=2827458361515167&bg=!eHulez_NAAY6OBv_Ojg7ACkAdvg8WicFQuxf8_f6AhNWfGRUNWmZKAFTK0RDO77HaJDGqO3KyQJi1AIAAAFAUgAAAAJoAQcKAJ94mtSIM17ICxpOg74e3x1BRjtT5bST18GrH-92VvgzyYwLBX9D9NwWtRBs9KKMuLAfsfwaMGb3uc5_f77YltgRg0XT8al3zLk17Ksucf25bg7djXC5x5FXni6U3toD4ImyAPAk0tLfhoepOmYXKHjPnC6vDUo9GelWS3MjRuhcD-_eSU7AsWbhTE3uoy3gm0V5u_tOWJtr96Dzf9CEwAyZAql4qXO-YaZQj7p07-tSOb7mPOwTf6XcZb2z9T_GzR88I9nM6_j5pfMvu6UJQnvGM8G5GUcSTipX8BplCpXxwua3OBYWC20dbOeoImewpmpWOeYsle7b7k-ayQ89NT83tJBvQ1Ye5GbUVJBcOztpkV_IqXgJm5XEnul4oSxoKhuNoPaaCFPyfzKWriwKtveeyrLIVddPsHSwWoYFS-41U_f9xFweZHKiqp-0BwnH0hQBzceiazC54kQViYfYtxiKtmhIsTMzXmhVAao_NU4Cc4gOF_u19nyN0G3ttKHZK5Gjcd8BDVSTe7gYvT41PK4jAbFNeMRjAJywoWAkWdNme-CPOajSULewj2rT_IQvLUzfJCO0OuYcJgcOOHiqk0c2CSmyTj4KCDdw4_px_9neca7rz4r0GayeUBCv88JgYNDQiXMkZQHO3BAQxxlm-se9HZ0aKVHk2mf1XySK-sQFYc7uSd7_fe4EVl4TvLuMRLsmi1EdBhfrctST7_coNJOMQDOG0MymeIoIToljxIwki7ccDkj1OteYpfGHeitK4XwTHdGt4N5k3pcyodhk12cGqVixmyDNv8LIX-IZZ8g4isYvtJMwvGvhilUAJ0pHXYb9xeuCLn9csZ1T8S7RgLo9TsDDXRpY4QSouXuAPy-m0k6vD4sJphwmdfpOjSYkMWeZNGJAmEpT_l4BBWpFKSucc1byAlLdF4wL8F74sj4_fRyEv2fO3Uu9EsJ3WoJxaAC2HjBVBn6jD687g-Q9zbMRXHorxTNQcafGJhs30mtFPHy-RLoDdhwW6Ny-k2Z5LXERnsVrynOeMH4Lbx34ieuQ8Ea_CV7p81U4w6iC19jdUpcEvNefuyufZeCbs78F6MSpe2aoNG4vUQTAo1hRh_dRaF0hUWx1LltEM88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame B6E6 35 KB
13 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 20:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 20:35:23 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/ 150 KB
54 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/reactive_library_fy2019.js?bust=31064587

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cba6f9d9f0662efd4e460250bc5293950da78a309ed9a6c80659ade743f6e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54757
x-xss-protection: 0
server: cafe
etag: 14223464605515330893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jagoanssh.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 21:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jagoanssh.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 21:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49F0 32 KB
12 KB 302ms
301ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a26386fd133ed4f61924e6a17ff50a5cfa30a23dab6352d2e76cd8f615db0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 Jan 2022 21:47:06 GMT
server: cafe
content-length: 12762
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8056 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 101712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 325C 8 KB
888 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 20:17:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 21:47:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 325C 1 KB
877 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:45:28 GMT

GET
H3 200 9428738903086058192
tpc.googlesyndication.com/simgad/ Frame 34F3 18 KB
18 KB 42ms
42ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9428738903086058192?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm6Xu5-iIo2z1K20E-r464YfOtNMA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4e4e95ec92a7f33674fa60611f2d96e9c9aeafa9828076739bf20d08afac95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 10:05:58 GMT
x-content-type-options: nosniff
age: 301268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18130
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 15:13:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Jan 2023 10:05:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 34F3 18 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:45:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 34F3 2 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:43:11 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 34F3 67 B
96 B 40ms
39ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 18:14:59 GMT
x-content-type-options: nosniff
server: cafe
age: 12727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 31 Jan 2022 18:14:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B9FD 1 KB
749 B 40ms
40ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 30 Jan 2022 05:53:44 GMT
expires: Mon, 31 Jan 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 57202
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C8B2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a3b01ac23a5794bf248c90d09d856bf0dbb3a9998f759280ae59ea73365f612

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 325C 18 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:45:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 325C 2 KB
1 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:43:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 325C 123 KB
37 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 325C 14 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:44:05 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame 325C 27 KB
11 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 16:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 16:51:03 GMT

GET
H3 200 bannerify.css
s0.2mdn.net/sadbundle/16313028207426076408/ Frame A736 2 KB
656 B 40ms
40ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16313028207426076408/bannerify.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4a0b5bdf6777c0df8e6c3c4c4ea50b1b4f69c218bdb0e9319dcd61f66b2e4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 627
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 14:58:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 19:00:00 GMT

GET
H3 200 frame_043774636.svg
s0.2mdn.net/sadbundle/16313028207426076408/images/ Frame A736 2 KB
804 B 40ms
40ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16313028207426076408/images/frame_043774636.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5442363bd6ec5eeaf3879064e39174d75d0daff3314700a316d1833b68c10dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 775
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 14:58:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Jan 2023 15:01:10 GMT

GET
H3 200 logo-white_042721439.svg
s0.2mdn.net/sadbundle/16313028207426076408/images/ Frame A736 5 KB
3 KB 40ms
40ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16313028207426076408/images/logo-white_042721439.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

256ab45e72d00811a252550bde3f17d2818b72e8fa2839b53c220ff8244cd6b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 15:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2533
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 14:58:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Jan 2023 15:24:32 GMT

GET
H3 200 h1_947408628.svg
s0.2mdn.net/sadbundle/16313028207426076408/images/ Frame A736 5 KB
2 KB 41ms
40ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16313028207426076408/images/h1_947408628.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c22b29ea6850ba0926ba3222b8bad1bfff9cccc30185ab5ec9e676125efdf34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 11:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1999
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 14:58:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:51:18 GMT

GET
H3 200 button-chartreuse-solid_118393472.svg
s0.2mdn.net/sadbundle/16313028207426076408/images/ Frame A736 4 KB
2 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16313028207426076408/images/button-chartreuse-solid_118393472.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325715991e5065756a482444881c499f0e8bf48900416032b0cd1c793ad3cbd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 05:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232646
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1744
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 14:58:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 05:09:40 GMT

GET
H3 200 bannerify.js Show response
s0.2mdn.net/sadbundle/16313028207426076408/ Frame A736 843 B
406 B 40ms
40ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16313028207426076408/bannerify.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d17c191e5863bebf998cf621ba7ca1738a59ef7ea3db73a423c4a94b3e51f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 15:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 377
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 14:58:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Jan 2023 15:24:32 GMT

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 51AE 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 20:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 20:35:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 34F3 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAp2zWQf3YYjVEfOUxdwP_JWgyAOe5ezLZvLjiq_YDsHg9tjaKRABILqk1GVgleKQgqAHoAGVm7SOA8gBAqgDAcgDyQSqBNMBT9C7gYRanlRBRiMyj50cQEcWT0sNZWwsYnYgjkQgMypM_AgRPesU-GwuNWGUreHcOxUIcUAsIHlMuG7usj4xOptUYyVv94FMldbXRXZuHuZqeQ1r6TpiwYV2EnsrVJFrgQhw9HbtNTeb2qg-QFXQO4nuX4tjoJt_VNq3ZOvAvIJVp4AendlNp28eqFjrrJP5ZkCBW_4fQ9_Oy5s4nsfvGVQi7OiSDDnqAbA1Uu4ecBAr09C-Twy_zgGyZM0O3Hd-gspYWfzZEY5FOI65MBvKsw6CTcAE49_LjPIDkgUECAQYAZIFBAgFGASgBgKAB9Pky3GoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDakwzSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTU0Mzg5OTYxNzY1OTI2NhgA&sigh=tg-v_CuZiRQ&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 30 Jan 2022 21:47:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34F3 123 KB
37 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 34F3 14 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:44:05 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 34F3 27 KB
11 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1af0bdf0a98fd7013d9cb5e587f6634341a8254511efadd771d0ed4a8cf7a813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 10:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11341
x-xss-protection: 0
server: cafe
etag: 617338487876024589
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 10:45:35 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4313790034593009820/ Frame 325C 19 KB
19 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4313790034593009820/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15b7f575ef8013b341a44f81bfde1121e34cc31ce82217380e34f3cde0cd04ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 20:26:39 GMT
x-content-type-options: nosniff
age: 4827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19306
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 17:33:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 30 Jan 2023 20:26:39 GMT

GET
DATA 200
OK truncated
/ Frame 325C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 325C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 325C 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEZj4WQf3YbLREdeJygXiwoPQBozzkIhoqrX9wOYOxeO7gbonEAEguqTUZWCV4pCCoAegAZqG2q4ByAEJqQIyRTgm4bOyPqgDAcgDywSqBOQBT9Cd0Y1FTvUPZK0ywd2dNQzMNrG-iarXeC9WmDzPt38evLVZrfrSwy54zzRD7PwmrkRkq5FpFp3u3AuuTjbZVUJ8GFUtXjPjjFQtgqgzXgTopmX77FettowtoHVY0vMkOhoeyvbD2aARIeW1uBEqGtBnjp837deGGZ0KC7C9YlQeqwZokb1KZvmQJj_XhT-iJv_1CalKBb2MOlD0YPVdN7bAo_nf4SRf4qF5MuktGJINVyVLHAMNtObT5gdWuwaX-AVxr3mV_1AQuyrwsVH6plD-ZfNXgs4F7S5liMPYoc1qhleDwASRzrqq4QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHgq-a9AKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDrkQTSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMN0BUBgBcBshccChoIABIUcHViLTU1NDM4OTk2MTc2NTkyNjYYAA&sigh=Vz_LgnIb1GI&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 30 Jan 2022 21:47:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame 01CE 10 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:50:50 GMT
expires: Sun, 13 Feb 2022 15:50:50 GMT
cache-control: public, max-age=1209600
age: 21376
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adv.office-partner.de/ Frame EB48 930 B
931 B 73ms
7ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Sun, 30 Jan 2022 21:47:06 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 06 Feb 2022 21:47:06 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H3

200

activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496 Show response
5994599.fls.doubleclick.net/ Frame CCA0
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496?

391 B
345 B

103ms
55ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496?

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

8ce776f6eec4192fffefc170c47a6b8de020e4804e884e71eca7ae9ea6072a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jan 2022 21:47:06 GMT
expires: Sun, 30 Jan 2022 21:47:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jan 2022 21:47:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900013.redintelligence.net/ Frame 01AC 7 KB
3 KB 34ms
12ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e037b3c7b7441f8d0999a402e6d6c55679a29b1ed0be4c89ea44e46a698fc53e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 30 Jan 2022 21:47:06 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2403
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 675B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2152b36944f90f3c925c0d1eff7c1d061ac52acc8b4a26691766e27d0b59138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
adv.office-partner.de/ Frame BD91 930 B
930 B 55ms
8ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=0cc31b57b5&subid=&uid=232ffe604bb250b5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWQAFanYKsuFIagye6Q%26mt_aid%3D6249250641117210892%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D280%26slotname%3D3821705765%26adk%3D1128998514%26adf%3D2302661348%26pi%3Dt.ma~as.3821705765%26w%3D429%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579225%26rafmt%3D1%26psa%3D0%26format%3D429x280%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579224712%26bpp%3D1%26bdt%3D779%26idt%3D259%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1110x280%26nras%3D1%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D586%26ady%3D3668%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3DrkccTyVlmn%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D499&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.jagoanssh.com&random=1433280457024&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

server: keycdn-engine
date: Sun, 30 Jan 2022 21:47:06 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 06 Feb 2022 21:47:06 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame F971 1 KB
2 KB 243ms
132ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=64789300300784500951407011855002&nw=1
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 5eb31c1817c870043538269a7e2d0c6dd483fb5c6a743e81edf46e0cb09cc38a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:06 GMT
Last-Modified: Sun, 30 Jan 2022 21:47:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1231
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685 Show response
8019191.fls.doubleclick.net/ Frame F507
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685?

391 B
346 B

102ms
55ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685?

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

f319c6a215938206737158adb32e9e89e978502432416a5237c7e0ee4a3ba3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jan 2022 21:47:06 GMT
expires: Sun, 30 Jan 2022 21:47:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jan 2022 21:47:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame E990 7 KB
2 KB 37ms
15ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=0cc31b57b5&subid=&uid=232ffe604bb250b5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWQAFanYKsuFIagye6Q%26mt_aid%3D6249250641117210892%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D280%26slotname%3D3821705765%26adk%3D1128998514%26adf%3D2302661348%26pi%3Dt.ma~as.3821705765%26w%3D429%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579225%26rafmt%3D1%26psa%3D0%26format%3D429x280%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579224712%26bpp%3D1%26bdt%3D779%26idt%3D259%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1110x280%26nras%3D1%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D586%26ady%3D3668%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3DrkccTyVlmn%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D499&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.jagoanssh.com&random=1433280457024&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 0038aa9ed4d1e13c44aa42702a80f572db33ce03089a82b32c60c0a3b446a881

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 30 Jan 2022 21:47:06 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2141
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F971 43 B
702 B 55ms
31ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=64789300300784500951407011855002&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:06 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F971 43 B
703 B 57ms
34ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=64789300300784500951407011855002&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:06 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame F971 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47d2624e2edaac119158393b2705a224f485012a3ef6584cbf217f2d5bf60e70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5064 143 B
163 B 40ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sun, 30 Jan 2022 21:03:51 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 325C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34ef825d1200a7fd65de67bd50216e4564db7344dd4c78fa7b53fbdd756c432f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B8F 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 20:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 20:35:23 GMT

GET
DATA 200
OK truncated
/ Frame 34F3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdbe1ef58468076aede420dea4b2fccbd9cb4e86cc1517d4b52db96f10b174e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 325C 28 KB
28 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:12:51 GMT
x-content-type-options: nosniff
age: 444855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:12:51 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 01AC 89 KB
32 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 10:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Jan 2023 10:01:10 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 01CE 4 KB
634 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 20:19:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 21:47:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 01CE 205 B
229 B 36ms
36ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:11:23 GMT
x-content-type-options: nosniff
age: 167743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Jan 2023 23:11:23 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 01CE 604 B
628 B 39ms
39ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 14:59:41 GMT
x-content-type-options: nosniff
age: 24445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Jan 2023 14:59:41 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 01CE 18 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7952
x-xss-protection: 0
server: cafe
etag: 4804491876264876803
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:08:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E990 4 KB
649 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 20:26:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 21:47:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E990 16 KB
16 KB 35ms
13ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 7b1b9bb1655d869d3f665f031438d85870594ead470e527bf521660607c6580a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16532
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E990 17 KB
17 KB 39ms
13ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: f0dc407a28b9bc6862935d61896359353389c2c207b30d4d915b03e870d56ef8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16857
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E990 14 KB
14 KB 39ms
13ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_1200x627.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 20d2b7472f76c7831a98ccbc252db65d4491a6c29e58d24d0c250c49cf91ed56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14132
Vary: Accept-Encoding
Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D15C 0
23 B 123ms
75ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoJN8wbKVy-iuLDPqxtTFSB7id-kJkuiGzYMJ0TqWY4B9M2f2an0miqdrJOidA33afmjNz1rJSKhz6hgPYfJ1syebXvAHzB8ol9nEy2azPAJhOm8x_lx8VrGctevGh6dYO-AqRWWf3F8LphjAbrjzir7L4YkjcjclvAHAphW3Yn3L37-uQR7KZLFRHNVwfUJmwMr7bdR13nyA2xzHVSZyoRTPFOk5o5jhd_hpRP2KgQBAxB6galIYIhR0MZ4jZZf0W0a6yGhpITm44h6vm04NB2kEOEZJbNGgsJ-U0fCNCtEvTK6-2h67Pbk748eu0RdG4LDmSLQEms3ZWPK4uizT4pXJ7EGkqf3c6Zi8hWaZ9s4bbO2p5g0pnNIedqWPhxouup2HUS9WIL9jwCDzhXTxFwJRE2gYbprGiXZyfvdJGGDQwUQbJG4yWj-UZsmxheDhuAz5qAwx1jJviEh5hxi77qBIkgH7YfS7Xgy9ByRTZL1hPPYOf7CGqwmmtz2XD_28BvSngT32Bylg0Gndy9tScsKwKHTf5ftK510TpCxUPliiUi2tiF0UG0ldxRqvD6uhEWnFpZN1KT-zwtvROfsH79hb2nAbCBFC71ZmXbZWXvo-dsLoqs1HqwNYhYPqxqnU3d9z8OjktN8L61j4DECQB4Ez14IVECFDL3WqRWuqB5FsQ1RTOCzO0K8ma8v5f3XeSwl1KZweSbWvbO-7k41o-DNTePfNHNE8aJin8hcPZr_wAJkMGzPbSgv2xmnptuNa029EOX1s2NJYMQjExefnoN8a5QWjIl0b6FTNacHAz2hasmWZc1on_fvIx0uTRkw9DAVZU5tQlY1ApsUCknuTnkFhzZfW5lgE0uy33SH9DKBAVco8YRsrlhFh1ku_GSmNCCyXucY3A5T90Jn6o3WxAu4OsM7by-rEP0Mk8UHSD1iTrjKAgKsa-dHfk_U2AjBGxUzhQ86r3OygTRXJw2aHvS3quS4MwW8cDZgVL5qsJbuZr6JpCD0hQkXC4rg7Qpu_xJFQzSR0xSrTsuI045P0v5orayISvjSrx8b5rPWdw_xw_A4pG1IdICYNXEnY75lvJM0Hx26Wy4Is9ua1vwDOYbG5jLm4cmrKP6lPKqS50F4eDL6LoVARyQ7IGgOFh-d68is2hO7V6qNDLbJu1ZT3ImYQ0-slOWn9movg8h9LSm5V006c4hLIxesU1iDjKVdS3Rdlnv2SRt7WnsgCu&sai=AMfl-YR7QQTDdTe7aqNOmubpV6ElwKVqFdAtlOl1WjDN_HDVwuGmLoeQ32L5Lic0cRckjMLKWnn1FXQSL6j_VIiZoss5ipDGCmQagCF_IxrAx4vcGKfY98PKKtRu5qzli5b5333ORTn8GXD94DtronL8e8EFP4UL7P_vDhr1TP0&sig=Cg0ArKJSzFpUu6_j1lUTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=752&vt=11&dtpt=520&dett=3&cstd=229&cisv=r20220126.70559&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 64D4 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 20:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 20:35:23 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B9FD
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1&google_push=AYg5qPLq1MxuRLEoVyY-UlEZwbgCkbXWsf9SP2SWxZ7w4U1ms8vka-Tbec_dsDkY0ja8AExAJisK9RjHvI_DGbTxUXOp8iGB_sM
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1NzM1Njg3ODU3NjkxNzI1OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1

43 B
407 B

645ms
163ms

Image
image/gif

2620:112:f006:bbbb::12
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1
Protocol: H2
Server: 2620:112:f006:bbbb::12 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame B9FD 0
177 B 48ms
6ms Image
text/plain 151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF7EbFNbrLNOOKIlp-bIXRg&google_cver=1&google_push=AYg5qPLaBLEf5esN0543EqZUSGyrq528PDmw3aWWeF3iqb_A81Gnm7UMMUbi1j3S0UoQCtva9QVzdMvbMhKrnbpJyIJyYpfEP2U
Requested by: Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643579226.498098,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4062-HHN

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9FD
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIqVpoC75wsCKahE5mab900&google_cver=1&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIqVpoC75wsCKahE5mab900&google_cver=1&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY&google_hm=4c1a1832a5f6f85bce99e99d

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY&google_hm=4c1a1832a5f6f85bce99e99d

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY&google_hm=4c1a1832a5f6f85bce99e99d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET

pixel
cm.g.doubleclick.net/ Frame B9FD
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEFRSYBDloDZ9HEAvXQA4clQ&google_cver=1&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI

0
0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame B9FD 0
75 B 361ms
119ms Image
text/plain 199.187.193.181
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGsPSDyRBdIg1lxIoOrI1oc&google_cver=1&google_push=AYg5qPIOkrOpaqyyGrKs8d_NWHGRc0PugsHZfaN5vWpA69e3dmHOon0AHfBSSs9OsCMUUsGJJxGK4U7WCu2fI34r2_fAEK05Vg0
Requested by: Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:06 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9FD
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOrWedbDBnULT7eoHraKyGc&google_cver=1&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHC...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOrWedbDBnULT7eoHraKyGc&google_cver=1&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHC...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZ1ZHamc1RTJ1R2xlMVNZV24xOElRX1BoN0lzUU9sbH5B&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECm...

170 B
188 B

48ms
47ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZ1ZHamc1RTJ1R2xlMVNZV24xOElRX1BoN0lzUU9sbH5B&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHCdNsU-LC2ziMa24UdNFVvDppK3s

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZ1ZHamc1RTJ1R2xlMVNZV24xOElRX1BoN0lzUU9sbH5B&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHCdNsU-LC2ziMa24UdNFVvDppK3s
date: Sun, 30 Jan 2022 21:47:06 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9FD
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFRSYBDloDZ9HEAvXQA4clQ&google_cver=1&google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIa...
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_hm=google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIaty1z4B0LR8EdIpsPU

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_hm=google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIaty1z4B0LR8EdIpsPU

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_hm=google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIaty1z4B0LR8EdIpsPU
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B9FD 0
12 B 48ms
46ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JV9za5tw4Gh1Roho9EKtsbhJLEBKkvB72tz2dfwDnI2qWWrMnZTKm1mkOPztK4F0gU2tXw0vA

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8056 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 20:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 20:35:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame EB48 81 KB
32 KB 131ms
47ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b34018b7febe19cb767cdfad90d7ef38458a38780ef8fa76c8a5162edf31b072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32091
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame BD91 81 KB
31 KB 173ms
90ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85f93f61aafab804a71f970e99ce3b0b13ab4f5c53c1b152535bda6fc00850c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32090
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 04CD 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd7ORWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBM0BT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efzPq3yosWd6t1-JD4FBRg4_TpRbWLYchVSJizxpmoTNLI2mJaUGiIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1NDM4OTk2MTc2NTkyNjYYAA&sigh=B1zBeSa0rA0&uach_m=[UACH]&cid=CAQSOwCNIrLMZzozKNNcu_ve53PBzw3I8XOuAf_MgGC-FkM-D_zBcm95gcGBszbOMMDd2MIyQNSuzU5phSBBGAE&tpd=AGWhJmsIBw8oNEhb0EyKSfg6qxkQ1kKrHBx182qlNfrmuygUMTZOmiEhl7bz4K0acEKNqLHm6SLXKW30I7dAcvRH-zDvWNftWPT2W1sSpvheSjpTBYA2yiDS37u-1ZoHmkxNhiwfM7f2j_B5tjQae3JUX0NXkw9qNxioq4VZsTqFcZcezpBV2cyRE1-RtAYEyBhTG14RIVriLCsCR54rvZAo93P5OAHaCFQiA1BcxXax4OJqlqw0PwJNCNYvITJ0H1aK4SHrwEPc1YDwjY04CTGAHhXo5iNDin-le5BYOKw8jAdDt1KZr1QJfzrNrI3129ZVf_16tRuHw8Or2liy5Uu82cxQcYdz9k1Buj-8y8XkT_s-YSyMaRA44NHIQ9OThk_jegG0Xn4wngJhti97KydXgDGpHcpETuAnF3ueUr22Ec5LALCROTgjN7Xjjqyj47cmOP9YiKFj6lyRWhGyE8iJlBmEm0G6HOHUxR1DkX2wD5QkCXDD4R9oSfoseIRfxQGCwuGIlaFMQuBjL98Oellkj6KQ750DcZhO_jteeQOQGq0o4Vv4wSgBVQxMSN4v9w47Le36PTub-ehx5UuR_TJrfdX8vStUaG9lNSeci8c-ioH4QFUG8n44TEjxV08Zt8yJ3J3oJ1yJXZH9yI1nSI2uRNuqe5edUSVIxKuBdqfC0TCPqpICAbfCmXvii6RBPI-arOyBiM6Sd7LJnEp2EK1c3Fn0kTIjFu2ruidyx9AWsVD3NfuT8xg0RpCzjbgKbx4uCfDxvkeZjNWH-g4DWDN4JFwmpLVJd5io2bdvclcR0k8rwHfjqs_PFI5WlMTOEyzp3KlNOuxgjUHi3pXl4yGG_FTLX3OL_ecynoSi72oHNDKO4-SJ4fG4sDhs6EGSA074Wyl_fQqi_EOu4llE63rcrYGpvjBYjkXEoPohJp84wmxfqLtW_mv7CTGNcvtnyhjqrF0wAWep9AShYezJ9IyWELZ--9ZnuQ3g5AmDRPPBct3qTklUU-CBuDb5WtFplUrn0ev2nRWmKfKEQ8HMcnOWSjNcKpNxUgeMGKAFDDVTsKYI67KMWCt6BVVLaDQe0M5qDbc3

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 30 Jan 2022 21:47:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 04CD 2 KB
2 KB 46ms
46ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RRM01tRTFNVEl0TUdFNU1pMWhOVGc0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3OTA0ODYxMzI2ODU1NDU4MDIvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVZVdzRUpkajlkZDZFOWNtTnptRWpaZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzkwNDg2MTMyNjg1NTQ1ODAyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNi8xNjQzNTkxODI2LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/zSHuvhU5G4wsllGkOMmB2vMVM1Q&nodeid=2817&group=cdg&auctionid=2790486132685545802&shardkey=2790486132685545802&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%26client%3Dca-pub-5543899617659266%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.0 /
Resource Hash: 710a975426a0027b34f7cc6501a72c190d7480befae89d4afa69115ed8be93a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1643579226
Last-Modified: Sun, 30 Jan 2022 21:47:06 GMT
Server: MMBD/3.300.0
x-mm-latency: 34 (0)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x25, cdg-bidder-x166
Connection: close
Expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 04CD 2 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:43:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04CD 123 KB
37 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 04CD 14 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:44:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 04CD 0
0 44ms
44ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7PXSn27nGs-7QXAtN9TwBQkJtYXBVhhIqk3WMNrMcWBgKKyl8_ROQ7kp1OsPToXLSzWNx0QwG1mGIuYNbV_7g1cs95Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496
adservice.google.com/ddm/fls/z/ Frame CCA0 42 B
63 B 76ms
76ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame E990 0
150 B 34ms
12ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=64789300300784500951407011855002&a=06d115b6&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame E990 13 KB
13 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90002.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:17:49 GMT
x-content-type-options: nosniff
age: 437357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 20:17:49 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame E990 13 KB
13 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90002.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 383069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 11:22:37 GMT

GET
H3 200 dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685
adservice.google.com/ddm/fls/z/ Frame F507 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F971 51 KB
51 KB 62ms
14ms Script
application/javascript 13.224.96.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=64789300300784500951407011855002&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-83.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 55880
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 30 Jan 2022 06:15:53 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: OGoh8-vcbi2aQZxlMnKOKimAYAZ_GRM4rg8FX9itu79O_r_olwm5uA==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame F971 85 B
541 B 81ms
31ms Image
image/gif 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=76949200282886900714456011855028&wglinkid=498343
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:06 GMT
Last-Modified: Sun, 30 Jan 2022 21:47:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Content-Length: 85
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5064
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

2455ms
2455ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Jan 2022 21:47:09 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 21:47:09 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Jan 2022 21:47:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BC3 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 20:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 20:35:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4052 6 KB
670 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 20:14:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 21:47:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4052 1 KB
877 B 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:45:28 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 4052 18 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:45:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4052 2 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:43:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4052 123 KB
37 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4052 14 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 21:44:05 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame 4052 27 KB
11 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 16:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 16:51:03 GMT

GET
H/1.1 200
OK viewability Show response
hal900013.redintelligence.net/ Frame 01AC 0
150 B 34ms
12ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=39428600313163300757589011855013&a=c677aae8&vb=m
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 01AC 1 KB
2 KB 177ms
128ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=264925&wgcampaignid=99582&js=1&clickref=39428600313163300757589011855013&viewref=39428600313163300757589011855013&nw=1
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 74ff9418c9cefe00d5c008ee0daed56389be2476f26a462ae27af671b2b5029b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:06 GMT
Last-Modified: Sun, 30 Jan 2022 21:47:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1267
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 01AC 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame 04CD 10 KB
3 KB 37ms
12ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=2790486132685545802&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWgAC2ZEKsvsL2gjyvw%26mt_aid%3D2790486132685545802%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 34a9266d3a2bff74d6b3233721767543fd0e57f4835cee714ea892f5497196cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3316
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 04CD 43 B
405 B 20ms
20ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2790486132685545802&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RRM01tRTFNVEl0TUdFNU1pMWhOVGc0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3OTA0ODYxMzI2ODU1NDU4MDIvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVZVdzRUpkajlkZDZFOWNtTnptRWpaZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzkwNDg2MTMyNjg1NTQ1ODAyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNi8xNjQzNTkxODI2LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/zSHuvhU5G4wsllGkOMmB2vMVM1Q&nodeid=2817&group=cdg&auctionid=2790486132685545802&shardkey=2790486132685545802&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Server: MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 04CD 49 B
330 B 33ms
33ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2790486132685545802&st=4562306&time=1643579226&nodeid=2817
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RRM01tRTFNVEl0TUdFNU1pMWhOVGc0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3OTA0ODYxMzI2ODU1NDU4MDIvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVZVdzRUpkajlkZDZFOWNtTnptRWpaZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzkwNDg2MTMyNjg1NTQ1ODAyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNi8xNjQzNTkxODI2LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/zSHuvhU5G4wsllGkOMmB2vMVM1Q&nodeid=2817&group=cdg&auctionid=2790486132685545802&shardkey=2790486132685545802&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Server: MMBD/3.300.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x83, cdg-bidder-x166
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H/1.1 200
OK js Show response
sync.mathtag.com/sync/ Frame 04CD 1 KB
1 KB 65ms
17ms Script
text/javascript 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4&gdpr=1&gdpr_consent=li
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RRM01tRTFNVEl0TUdFNU1pMWhOVGc0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3OTA0ODYxMzI2ODU1NDU4MDIvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVZVdzRUpkajlkZDZFOWNtTnptRWpaZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzkwNDg2MTMyNjg1NTQ1ODAyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNi8xNjQzNTkxODI2LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/zSHuvhU5G4wsllGkOMmB2vMVM1Q&nodeid=2817&group=cdg&auctionid=2790486132685545802&shardkey=2790486132685545802&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0 /
Resource Hash: 5f93f0286980feac0bb1912db6302af4e359eb243107bd2695ba94135a4989bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding: gzip
Server: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Type: text/javascript
Expires: Sun, 30 Jan 2022 21:47:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6E6 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtwQrWQf3YYr1IM3C7_UPl_ibUAAAAAA4AeAEAg&bg=!6Oul66_NAAY6OBv_Ojg7ACkAdvg8WuXLVdzxIKQL6zcdpL__FBYNJGA1-X5rAycUSByKw-lzIczAmwIAAAH2UgAAAAJoAQeZAywe24mm8Sx3jhPhRKyVKW22LQctfI6zIwmWEJgVZjGAijVbVb0B1AJOMgsSxK6C_s2hnvepi-HWhLv-qMoO9OGWLnH9run-67bJFDoIsZXIuA3xM3LZLD-3J0lu1FYISX-cfhmdEYwR9Y8UEPZQBRc14Jhda5iQmz4QwnxbtDIIDA7SxbTrov0_3PWVtZ5EBEvwem4RE1HaElLofKB-cP4ZP476kRdoYbNveKJj-cQ5FXbb99H9-_wpuV8C8MsDgLp9vLNZnPBej__T4BBqaLGja4X4pITTV462kQyXc46NLVBRpJxaSM24buGkViQqkKW5H-oFQlYGFvvpbUelsedwUhz94PgX03ksJVAVbSfSBN4bxYiiXsY0EON2IXr4lQe2nJSdJ0lBhr6Ff2bXCtywNotZhVy-Ws726083Bc98SDG-ZWznYMoiMEo__0djbuGofgGyTrcXtztOh8hfX2xS8-AbEhqKRUzYdWyl8PgY2FCJTR1UXB6juZSN6-0dHYXDFQojecKcAx2jWwGkosObo4D-r2Ra67Kq6lU3H5fajhieKcOdoCxeu7paZwF3u5iRNWLtJB3ChnlHzYfBX6oG5zUV0-cLKt_on9DrNvs8HwyKlb5nsnQlXO7I5wY2FZQpaInTLzPteE4dHbOoN0sZ61y6nTUwCGK3E_3vv83fydKnHyju1roWVJ0X0AO344d90UVwAuyrKPxDvtVbSjMbP8li-wHsf-R9ewUdp37B7N8tiHfks5c_ZL_bwYggLWbkuguGZVfs15buiR-k2-zMHWcT0VNMQTeQZ9W3HWJ69TJkCI7s9O_OVmmwYU1WxU7dy9_Z1cwl-6nc1mfrY6QIeqopxcXSL7Dtz1ETTZ3YI1un9x1bLJZRaWTuwg-fhy5ZTUDZXcnHjc5sSAHP8WiHhXH6tlgGFUYR9NoWn6Fgu5g30bryGVofESkNzWqzYnbqeCaKkOGjxbLaCrXQc_amsZDViQr_9tbY7Clisq5UvusbbWaOwjTxT2ivrzZpxbIKtkDa8BlIJnw_4M51KWRDWMwPmdLmLskEshuxQzla4GkI4oU72BDTRAe7Jw

Requested by

Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request.php Show response
hal900026.redintelligence.net/ Frame 04CD 3 KB
2 KB 113ms
76ms Script
application/x-javascript 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=69b8081e25&subid=&uid=abb0d7fed012ea3d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWgAC2ZEKsvsL2gjyvw%26mt_aid%3D2790486132685545802%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D90%26adk%3D2025600277%26adf%3D1655990041%26pi%3Dt.aa~a.2572183418~rp.1%26w%3D1080%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579226%26rafmt%3D1%26to%3Dqs%26pwprc%3D7427565917%26psa%3D1%26format%3D1080x90%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579226031%26bpp%3D1%26bdt%3D2098%26idt%3D1%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2bbd1114a43b817b%253AT%253D1643579224%253AS%253DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA%26prev_fmts%3D0x0%252C1200x280%252C1110x280%252C429x280%252C1200x280%26nras%3D2%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D260%26ady%3D2391%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26psts%3DAGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D11%26uci%3Da!b%26btvi%3D5%26fsb%3D1%26xpc%3Db9OPXdYZw1%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D14&ancestorOrigins=null&random=5103852063107&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=2790486132685545802&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWgAC2ZEKsvsL2gjyvw%26mt_aid%3D2790486132685545802%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ccbb07d96140c7b362a7354521f1b4df71f3eb6160ee83616a97bcc8d5be711e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 98481800237293200951389011855026
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1240
Expires: Sun, 30 Jan 2022 21:47:06 +0100

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame DA19 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 20:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 20:35:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B8F 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1J_yWQf3YYOtIezYx_APwMuToAMAAAAAOAHgBAI&bg=!9fal9rLNAAY6OBv_Ojg7ACkAdvg8WlMem51mXxM_XwbTc2qFmqvBrsOstydzioEaZBPvD4OFWa4bogIAAAFvUgAAAAJoAQcKADFkDQOPWa25ep8jKFKam7Z1px6UlzG1cUl8mdX0IwUn6XA-J_yMyvmCm7o5m4UjfyoBmQMAJEa8R2bfdyTp2_aCP99ClqSIR7ljsGjy8ummj0HMVr5EkEZwlvlOxJztNa7_PHHlLfZQV89KYudThcMv5pNEi03YhA2t8hCEYYMu4UkmCIV1PQW8s52uGpuat9Xonl6WmVf7cLepk32M6X5dokqTggGJvGgenr79xcqOeccf7jC_n6GUP--Fd50oFglummeolCnAKxd3IoCcwxhrTVKffTE_qM3UUDzuDEFd2PCTl_EBVvOrrFxkl5eROb9Q49FJjY5AETLGPvkQEIPmudhX3eH80aaVbh3juYAgYsBrkZIPDBeuHhMgshAlDCRIK1gMNiDOGpzXjizTXBaQQJwEvuzh_wF49q1U6w89NEylIyqH5ZIGFPEBFcPR02m2M1d-is-OkkJknoqufjjVLDWT94fIuBkYhQA7ThObF54ssqzCnXmC_M6h-5S0x0Y_ht0TM0LOB8Yprm6d9dKWs5jR1i6S1WZKlovl5IsgHJsiBXsAFoPCg9Q7JCmPubSF2wu55I4bW0u-ozGoDXf2XdbjdBByFhu5SbrF0n6YKss3tvasuOllB54TDMA7Pkk1Sz76lN1ZPcN3NiAs2p5uFAwogOePGgVIbKh_gvMk11gX9oS4O_xhetiFs5c7hwVzzE1cZgxAJFOXR3GPJzhzRGQBeaHf9TZfQ8yaPR8sUaQzRNBGL5wIE5wXmoEzgMmn1XkrrhmF2kp7PZ_ljdA-etFzOgXgfyHsoTDZnwfwypOG719VU600Amj1PWAAFY-I_0Uuo0NbEZTzcTbhA4aPbZsxkBHLov-w8h_KiWfgakgk5gHp-_AaAD9naWmcAR8SYh-rzCcI-1g2X9vY6QtwE-E99GqJ7v-BaTrFlp4N5ZWdWaJTyc3Qczq1rfCwi8sc2Rb0CBdE_YB29W7r2HHk55CNpGOZjL-8gMPCupWsGMXthAU0SHehCgtA2c01gFVHobNwz8z3QQQcrvvWwLWAMUDYwBlnVGDSeiryWeSx_E7CkKTgYHtdNqf7gNSBvs2CUPEh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 01AC 51 KB
51 KB 15ms
14ms Script
application/javascript 13.224.96.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=264925&wgcampaignid=99582&js=1&clickref=39428600313163300757589011855013&viewref=39428600313163300757589011855013&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-83.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 55880
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 30 Jan 2022 06:15:53 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: 95DtHOFLWyYIKulHQHNKVvju_Yg-9RJn0k7f7-mPeQxu0Wgw0S8gtw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 01AC 48 KB
48 KB 82ms
31ms Image
image/gif 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=93678800309036800757589011855004&wglinkid=264925
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 090dbba0b9af117640d424eccbf3fcaf3cee51f16dfe2fe1b630801284194c67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:06 GMT
Last-Modified: Sun, 30 Jan 2022 21:47:06 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D15C 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBfD9i1ReIrBk8SanXB_XI0Nso_ted77O0hutyh54ZN-q3BN0wykBbqiyJls5jY44PXqilEdAYTf0yJiRMnLP5ie3NL-L_1xRrcAaPlBq__sL_8rjbdw&sai=AMfl-YRQtH8q-goFrSUpR6wBpOnCfhWweIpFZdwbAaaWm7Ko7bZkf0Iqu-5JlMb53Xxnzw_0aU2a24Sfvk37yt6ekUvJcKH7n3JMuCKprnPZYbMbNsbiUNp_huImMwtcSpg&sig=Cg0ArKJSzJVPZ8kAINL5EAE&cid=CAASFeRoOcrRco18CQcp8PoC6puTR0vXTQ&id=lidar2&mcvt=1007&p=1110,436,1200,1164&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2385447796&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643579225405&rpt=455&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8056 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcINqWQf3YbmMHICB7_UP_bCrqAUAAAAAOAHgBAI&bg=!9_Sl9LDNAAY6OBv_Ojg7ACkAdvg8WkYhwcnGJvFGWbIuEzeQLvrwpttvjxCZaoA2Uey0ISf5whBjSgIAAAENUgAAAAJoAQcKAAWmVNVMs5kDCqhvPxJ9GTXyHA-DdSTx6YE6_wPmmGH8tmbUnqNzgtWU_NtBixSKrO6ViZz_Aneg_S65hG6gaGGlQvaaXf-5ZMIEw68ie1KZvpMHrP3nvKRhgYaM_lW1hsfFLevIrU99abXvqj5rR5tmIUNRTCZo89MAixlGyYlobG29j_s72UBhzwjPiEaKBH6TYmwheAFUvhVDxAbiq3L4XoLBb7aCBC_ZKiE-rDVDru6nh1vr3PjgvxmltAAbR6WlFdKKPKSo6m7DcziFyD_G2ihl3THSykpQuzsvUgt_T814rnVATuTOO2bvDL3gOtQXlt9u4QiSQ0U0g-AKK25O1hbSL9EQo-lCQh_vd9JXeOoWuxj-Yo1DpN7Lw9AWUwnrV1ushoD99F3JYb6M--WyBb8x1xCMA4AtToF6CVzAVTnAxWcvNwcSbcaRhU1evLxAuCSlrHh1pv_jGYRN3K73mxQNVkeMvMa7m6klHzHSC2NnvEupd-QKHVgcI1O1b_KiCZLHiY9yPHLqZAZnfeAydv_r2R6aEUrwlE3M-i32tCMBpLiAlgt_jgSef76JVjyrrLRGpixajgaazLfwycHb5x7vOJs9KhHeygJaPyS0f5S6c8BJzkYxDZznREDg6mWVP0eDzOhT3kHkyZEZimAThs0DwnxakHk_6w0WUjNg4AiGXVh7PuYUfSHT43hM3_FoT0HQSwPk-txB4DKE2rvorWWoZxEWgrg8_BpmygZEUJW1ps-TXYlggedXXT_3_oJR3g9-OyVw8UvtKCepHwVzzv8tjZjBz0aw6qgEr1sNTnuWQphj5ELl4U46lpkkHt0bLopeBSrJ4HxF4YYwfy05Cvv9btpgww-2DzjkbFTZVygj8Owj4wk4fIkV0SVW9rGQmUffJCSKrdeRjmw5JpszyCrCe-okx4yja4TMF9UzPMiElpKvkXYtvRPAQAeIBrQ6kOJp9LHrMpwQyZwpD_jogToz_uhhgg8VlLLe1oi275M1aEeInHuMJxc3jYNehYC86sjXjJaS-Tc5ORHGSHxoBSo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

htlp Show response
futalis.de/ Frame F5FA
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=98481800237293200951389011855026&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315

350 B
409 B

40ms
10ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=69b8081e25&subid=&uid=abb0d7fed012ea3d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWgAC2ZEKsvsL2gjyvw%26mt_aid%3D2790486132685545802%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D90%26adk%3D2025600277%26adf%3D1655990041%26pi%3Dt.aa~a.2572183418~rp.1%26w%3D1080%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579226%26rafmt%3D1%26to%3Dqs%26pwprc%3D7427565917%26psa%3D1%26format%3D1080x90%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579226031%26bpp%3D1%26bdt%3D2098%26idt%3D1%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2bbd1114a43b817b%253AT%253D1643579224%253AS%253DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA%26prev_fmts%3D0x0%252C1200x280%252C1110x280%252C429x280%252C1200x280%26nras%3D2%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D260%26ady%3D2391%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26psts%3DAGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D11%26uci%3Da!b%26btvi%3D5%26fsb%3D1%26xpc%3Db9OPXdYZw1%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D14&ancestorOrigins=null&random=5103852063107&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

date: Sun, 30 Jan 2022 21:47:07 GMT
server: Apache
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315
content-length: 0
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 04CD 1 KB
2 KB 186ms
135ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3392365&wgcampaignid=99582&js=1&nw=1&viewref=98481800237293200951389011855026
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: fada4ef16159c4e4fc5a47b9b377215f1625096f49df7f74892a63e59c8ca038

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:07 GMT
Last-Modified: Sun, 30 Jan 2022 21:47:07 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1239
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937 Show response
8019191.fls.doubleclick.net/ Frame 977E
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937?

391 B
345 B

56ms
56ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937?

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

e0825928eb732ce936f063676a8bde6ec18f3a6c84e00cc28504b41343f405ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jan 2022 21:47:07 GMT
expires: Sun, 30 Jan 2022 21:47:07 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jan 2022 21:47:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900026.redintelligence.net/ Frame A955 7 KB
2 KB 34ms
12ms Document
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=69b8081e25&subid=&uid=abb0d7fed012ea3d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWgAC2ZEKsvsL2gjyvw%26mt_aid%3D2790486132685545802%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D90%26adk%3D2025600277%26adf%3D1655990041%26pi%3Dt.aa~a.2572183418~rp.1%26w%3D1080%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579226%26rafmt%3D1%26to%3Dqs%26pwprc%3D7427565917%26psa%3D1%26format%3D1080x90%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579226031%26bpp%3D1%26bdt%3D2098%26idt%3D1%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2bbd1114a43b817b%253AT%253D1643579224%253AS%253DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA%26prev_fmts%3D0x0%252C1200x280%252C1110x280%252C429x280%252C1200x280%26nras%3D2%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D260%26ady%3D2391%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26psts%3DAGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D11%26uci%3Da!b%26btvi%3D5%26fsb%3D1%26xpc%3Db9OPXdYZw1%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D14&ancestorOrigins=null&random=5103852063107&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 001e2715fd38044cebc280676c5776ff00a5352c637fde0fe3d598e3ae82b693

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Sun, 30 Jan 2022 21:47:06 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 30 Jan 2022 21:47:06 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2081
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 04CD 43 B
702 B 34ms
34ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=98481800237293200951389011855026&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:06 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK iframe Show response
sync.mathtag.com/sync/ Frame CF55 652 B
765 B 49ms
19ms Document
text/html 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/iframe?mt_uuid=6ae361f7-0759-4801-9b9c-a4255d0a1d0b&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4&gdpr=1&gdpr_consent=li
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0 /
Resource Hash: 4c5325edabfb7a618fea7fb98d21d0940c941d4533c4e337923515685808a056

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Sun, 30 Jan 2022 21:47:07 GMT
Content-Type: text/html
Connection: close
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding: gzip

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7C6C 1 KB
749 B 39ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 30 Jan 2022 05:53:44 GMT
expires: Mon, 31 Jan 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 57202
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 04CD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d13ac8664a2f3f61828693d4b717313a842261c427d5a5298c3c6d9ecd8a315

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame 04CD 43 B
549 B 46ms
17ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&gdpr=1&gdpr_consent=li&bcdv=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:07 GMT
Server: MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A955 1 KB
419 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900026.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 20:48:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 21:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 21:47:07 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame A955 10 KB
10 KB 36ms
13ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_627x627.jpg
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: dcfa3c266dc1db6bc5d452bc89db79ee64260416a21a03660d2048a2e7776f5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900026.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:07 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10406
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame A955 8 KB
9 KB 36ms
13ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/paninishop-fussball-627x627.jpg
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: d10c55737d31f7fe33161fc934c0272b39c013d2bb441093f70b03a364342986

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900026.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:07 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 8545
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame A955 7 KB
8 KB 36ms
13ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e48f566130bda8a3b3d344d365fa010b06611519a3f2d110faa73fcb506fa4d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900026.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:07 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7627
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7C6C 35 B
463 B 36ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJGPXWoOqQZXsORHcPGMiaY&google_cver=1&google_push=AYg5qPJ2dXQrA04OJGMLESioV08VrE48HKEndABapqlO5A-Ekal0-cqO8grIsDY12UbykVgLhRPAtg430smknk1qVwuUDbsE-Jdd

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 7C6C 43 B
324 B 71ms
19ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEN9b1j6nfhSE5gNBAO4olpU&google_push=AYg5qPJjLkwaBThs9Xzhy_l3Wp-JjQnblnJ9nS2fXJiIQCJX7J2k5YOlLrCMXxa5vUdNOdyWxJ_HRI-Ds5XvtH_0oiiQQpnXkdY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:07 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 7C6C 43 B
350 B 72ms
21ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELFuYC_R3Imrbc2uXXBA3Xo&google_cver=1&google_push=AYg5qPL9Shj5sdDRxc2AH4JPe0b1unI-MdRcuLBFT-QbSxqBSzjXS0EG_K3uBk57UFIuRLjBxPP3YhAVDaFHyXHa6siBU6ZmeCo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:06 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: e0mees3ud8n538f5e7phlg1c8vas17e5

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C6C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZLiQrroSQU-xrrPK76QOPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZLiQrroSQU-xrrPK76QOPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7n4MuBQtB_XflXd9fqG-V0RW6R1yrtmWwhR9X_LnFJ96vbf3KU8We1vGXYTDu7lAS3Og1gz35Cx1uZh0Qfns4yVNYvNN6

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZLiQrroSQU-xrrPK76QOPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7n4MuBQtB_XflXd9fqG-V0RW6R1yrtmWwhR9X_LnFJ96vbf3KU8We1vGXYTDu7lAS3Og1gz35Cx1uZh0Qfns4yVNYvNN6
date: Sun, 30 Jan 2022 21:47:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C6C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELWzhwyRDRCWiYGRZsyNNRY&google_cver=1&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oxU01XRk8tNi0yUjla&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli6tfu6Z4wm69PMU9g4-U8hs1s

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oxU01XRk8tNi0yUjla&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli6tfu6Z4wm69PMU9g4-U8hs1s

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oxU01XRk8tNi0yUjla&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli6tfu6Z4wm69PMU9g4-U8hs1s
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 7C6C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 7C6C 43 B
296 B 758ms
168ms Image
image/gif 2600:1f14:d24:9301:dd40:66a9:6fd6:5d1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIO9t4wiKxqY4wVSV94cRQw&google_cver=1&google_push=AYg5qPKLz5hFQPbwqJoqaGXuZ6cqTsF_tL6x-UKYur8BasWsqBPSVXdj0nn8AkKS1zQ1-HeI2nGHMjpfeyOD8RSbu3CC-z6dETHN
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:d24:9301:dd40:66a9:6fd6:5d1d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:07 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7C6C 0
12 B 48ms
47ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lv8ELAbzlzpFDzXwsUb_5Zf29an7kp7vKL96fkYpjdqV46OLE_B79_tqUl9e_jpMm2hShs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame CF55 43 B
550 B 19ms
19ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&gdpr=1&gdpr_consent=li&bcdv=0
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=6ae361f7-0759-4801-9b9c-a4255d0a1d0b&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.mathtag.com/sync/iframe?mt_uuid=6ae361f7-0759-4801-9b9c-a4255d0a1d0b&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:07 GMT
Server: MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sun, 30 Jan 2022 21:47:06 GMT

GET
H/1.1 200
OK viewability Show response
hal900026.redintelligence.net/ Frame A955 0
150 B 34ms
12ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/viewability?s=98481800237293200951389011855026&a=72c877d2&vb=m
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 21:47:07 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame F5FA 5 KB
5 KB 10ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
accept-ranges: bytes
etag: "14aa-5d6188919baaa"
content-length: 5290
content-type: application/javascript

GET
H3 200 dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937
adservice.google.com/ddm/fls/z/ Frame 977E 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 04CD 51 KB
51 KB 13ms
13ms Script
application/javascript 13.224.96.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3392365&wgcampaignid=99582&js=1&nw=1&viewref=98481800237293200951389011855026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-83.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 55881
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 30 Jan 2022 06:15:53 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: RUicN5TvFUnHwNueIFs_uURG5NjXBdIUN_hVnJ4oFSP4i6qeNg_Ssg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 04CD 160 B
618 B 82ms
32ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=74897400281653900710784011855019&wglinkid=3392365
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 21:47:07 GMT
Last-Modified: Sun, 30 Jan 2022 21:47:07 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 160
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 eht.js Show response
fundingchoicesmessages.google.com/f/AGSKWxWYUgB3m2u_JpCMCXWCfOWJ3OTpXY7GUc_OOqXbPciimFdz95VA4tcZ44A1QeScWvJu1eJtw9BmsLqlNqO5mKOx23RELzpZf8WWZy3Poj7IaksTSBg98z_a5hbHs-Tbdv5iy6ovryfUSkKZ6E58sEw681gxB... 54 B
107 B 51ms
51ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWYUgB3m2u_JpCMCXWCfOWJ3OTpXY7GUc_OOqXbPciimFdz95VA4tcZ44A1QeScWvJu1eJtw9BmsLqlNqO5mKOx23RELzpZf8WWZy3Poj7IaksTSBg98z_a5hbHs-Tbdv5iy6ovryfUSkKZ6E58sEw681gxBgFBLQWa1g-LJHT9q2N8hh70aYM-TUoZav2pFFZTl8vFTu1O3WlfN5KE7G1I5WADE081q_RQ3baSM5f10Hw=/_/ad_parts./glam728./admatch-/eht.js?site__assets/ads/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

186da89d4e3a4c2e666054bde2c9b9684451afba0d22499b7c46ff05b2b71c5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ofoWjv3E3Ftj3Z3/yccUzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ofoWjv3E3Ftj3Z3/yccUzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-ofoWjv3E3Ftj3Z3/yccUzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ofoWjv3E3Ftj3Z3/yccUzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 59 KB
22 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d314ac02b2152fc1fe7e334c28b0968c7136c3f96c98bb7a846e4e1ede68b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:24:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22887
x-xss-protection: 0
server: cafe
etag: 17106819053595883683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Jan 2022 22:24:07 GMT

POST
H3 204 AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D Show response
fundingchoicesmessages.google.com/el/ 0
25 B 52ms
52ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R9BSTZFmMDoil497DMZiJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-R9BSTZFmMDoil497DMZiJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-R9BSTZFmMDoil497DMZiJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-R9BSTZFmMDoil497DMZiJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F971 16 B
232 B 77ms
75ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 127ms
33ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H3 204 AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D Show response
fundingchoicesmessages.google.com/el/ 0
25 B 55ms
55ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oVU3g1/nv/mURYJ5qJwHiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oVU3g1/nv/mURYJ5qJwHiw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oVU3g1/nv/mURYJ5qJwHiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oVU3g1/nv/mURYJ5qJwHiw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 01AC 16 B
232 B 75ms
75ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hal900013.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 86ms
34ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hal900013.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H3 204 AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D Show response
fundingchoicesmessages.google.com/el/ 0
25 B 54ms
53ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yvm+/gQYO5w2vL4iGRXrjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-yvm+/gQYO5w2vL4iGRXrjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-yvm+/gQYO5w2vL4iGRXrjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-yvm+/gQYO5w2vL4iGRXrjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU0Bb2-Y9FkHbaRUQUkGRDvJ0Z-EZHLCtpLF0ahhSHkyIfakenOVmSUdMw8fgXXvvz6NDrIKdyWaAD6sCKhewTm-RtOrzG7SfjqGimUYDEKDgtahFfqhMacpd2tuDlQYYBIRZe84HtX8ynVsbLXu5qJW8e0vzxbkib5VRx6a8-l-URd6s1tiLgSTbGq Show response
fundingchoicesmessages.google.com/f/ 38 KB
14 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU0Bb2-Y9FkHbaRUQUkGRDvJ0Z-EZHLCtpLF0ahhSHkyIfakenOVmSUdMw8fgXXvvz6NDrIKdyWaAD6sCKhewTm-RtOrzG7SfjqGimUYDEKDgtahFfqhMacpd2tuDlQYYBIRZe84HtX8ynVsbLXu5qJW8e0vzxbkib5VRx6a8-l-URd6s1tiLgSTbGq?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNTc5MjI3LDYxMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmphZ29hbnNzaC5jb20vIixudWxsLFtdXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ceffe7f8dc8dadd003d2f363f5a0717ed4cab85afd5c23aa6f3397f51dc4769

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6xazOf79RL+zLzhpdgHtaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-6xazOf79RL+zLzhpdgHtaQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-6xazOf79RL+zLzhpdgHtaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-6xazOf79RL+zLzhpdgHtaQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D Show response
fundingchoicesmessages.google.com/el/ 0
26 B 56ms
56ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kk9TRl4MpvhsQoMOeVERUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-kk9TRl4MpvhsQoMOeVERUA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kk9TRl4MpvhsQoMOeVERUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-kk9TRl4MpvhsQoMOeVERUA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
327 B 516ms
182ms Ping
image/gif 2607:f8b0:4007:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kz1smwgp&ctx=0&met.9=1.13r~13.16i~2.18s
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jagoanssh.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 21:47:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUdOPMTDg0XEeBVwAobiXjjXcmgkCf-QmI94RKjjyv-g_P8AQbqeRHDheJGxRDL3gx83-ZQVkfMocUzI7kbQW-Ln35fgH8YYIDP00PYRRgxl7TQYyglSWryn9SJLipeu_PCMMPhmV0YBbLJdpSsLRfLDIipcl0HVtCgNmkrgUOM9ItQ2ksuf1LkIU12 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 52ms
51ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUdOPMTDg0XEeBVwAobiXjjXcmgkCf-QmI94RKjjyv-g_P8AQbqeRHDheJGxRDL3gx83-ZQVkfMocUzI7kbQW-Ln35fgH8YYIDP00PYRRgxl7TQYyglSWryn9SJLipeu_PCMMPhmV0YBbLJdpSsLRfLDIipcl0HVtCgNmkrgUOM9ItQ2ksuf1LkIU12

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.bSHIkdPkz40.es5.O/d=1/rs=AJlcJMwk2gtA0qlnSZ9u1A3zP91R6GbHNw/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-94cNh+hwVNoDp25+jbOudw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-94cNh+hwVNoDp25+jbOudw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-94cNh+hwVNoDp25+jbOudw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-94cNh+hwVNoDp25+jbOudw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 04CD 16 B
232 B 81ms
80ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 28ms
28ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 30 Jan 2022 21:47:07 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.jagoanssh.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: o7hkp009jp2ujdi55q4p7qamj6
.jagoanssh.com/	1970-01-20 18:04:11	Name: _ga Value: GA1.2.38563035.1643579225
.jagoanssh.com/	1970-01-20 00:34:25	Name: _gid Value: GA1.2.2020073826.1643579225
.jagoanssh.com/	1970-01-20 00:32:59	Name: _gat Value: 1
.jagoanssh.com/	1970-01-20 00:33:01	Name: __cf_bm Value: CLEvSZjFlpsP4_ip1ELxtKaogrP1QhAbbBF0SX4Dfak-1643579225-0-AX2VqDuBZJoPYRRJJUbc3RIrjzkcBkIpeCqwvG0R9zNM1YKEvEM6gyAtfKNUFxqc8rXxkjjCWqZjuTtZhPU5UKglGJMSxWElEW9Q7WQ3ZCBBgcZXAxxh3f9EbH1kjj25kw==
.casalemedia.com/	1970-01-20 02:42:35	Name: CMPS Value: 3267
.casalemedia.com/	1970-01-20 09:18:35	Name: CMID Value: YfcHWTFfNurtjbe-4o1kHAAA
.casalemedia.com/	1970-01-20 02:42:35	Name: CMPRO Value: 1179
.doubleclick.net/	1970-01-20 09:54:35	Name: IDE Value: AHWqTUkFiilrsC5Li2DEtyH67641QvAMoy1o411KntkinUOXhxZa57Beh6iZ3Yml74I
.jagoanssh.com/	1970-01-20 09:54:35	Name: __gads Value: ID=2bbd1114a43b817b:T=1643579224:S=ALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA
.adnxs.com/	1970-01-20 02:42:35	Name: uuid2 Value: 3325251222301129800
.adnxs.com/	1970-01-20 02:42:35	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU!r_1--!]tbPl1M>e)ZlrFUfJ+tGXxp?LY]-<^%8#EExLW:Z4KT5E_5$sOyyxM7<ny1%nugO%v4VB%nm)z)lQf!
.mathtag.com/	1970-01-20 09:18:35	Name: uuid Value: 6ae361f7-0759-4801-9b9c-a4255d0a1d0b
.casalemedia.com/	1970-01-20 09:18:35	Name: CMRUM3 Value: 2d61f707592760CAESEB-Ln0m9NpVD1dTcAdoImP4
.redintelligence.net/	1970-01-20 02:42:35	Name: 8lcfmzhxc8d6_uid Value: c57bfbe3e363bdff
.awin1.com/	1970-01-20 00:35:52	Name: awpv11830 Value: 296283\|1643579226\|2aecdbe0-8216-11ec-983c-2238a966fab2
.yahoo.com/	1970-01-20 09:18:56	Name: A3 Value: d=AQABBFoH92ECECYXHCY3l7R_WIzwh64FUPIFEgEBAQFY-GEAYgAAAAAA_eMAAA&S=AQAAAuaRfhhnnfe1mOu6yf6dijs
.turn.com/	1970-01-20 04:52:11	Name: uid Value: 3357356878576917259
.analytics.yahoo.com/	1970-01-20 09:20:01	Name: IDSYNC Value: 18yx~22yl
.lijit.com/	1970-01-20 09:18:35	Name: ljt_reader Value: 4c1a1832a5f6f85bce99e99d
.office-partner.de/	1970-01-21 00:32:59	Name: source Value: {"webgains_webgains":{"timestamp":1643579226812,"clickCookie":false}}
.awin1.com/	1970-01-20 00:43:04	Name: awpv14098 Value: 296283\|1643579226\|2b58bd10-8216-11ec-983c-2238a966fab2
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519595
.retailads.net/	1970-01-20 01:16:11	Name: ppb2172 Value: 1181067315
.mathtag.com/	1970-01-20 01:16:11	Name: mt_misc Value: mt_bt:1
.quantserve.com/	1970-01-20 02:42:35	Name: d Value: EBQBCQGpJYEA
.quantserve.com/	1970-01-20 10:03:13	Name: mc Value: 61f7075b-0d6b2-99ed0-ac154
.futalis.de/	1970-01-20 01:59:23	Name: raSIDb Value: 1181067315
.pubmatic.com/	1970-01-20 00:34:25	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 02:42:35	Name: KADUSERCOOKIE Value: 64B890AE-BA12-414F-B1AE-B3CAEFA40E3C
.casalemedia.com/	1970-01-20 00:34:25	Name: CMST Value: YfcHWWH3B1sA
.jagoanssh.com/	1970-01-20 09:18:35	Name: FCNEC Value: [["AKsRol_GiIHDl5lVMvEGNIXaEb7-TQEBFxh6BO7VT7qz7G7FNgpYNvqAUNhjcbhCyf9gaaiwltqfyjjPj0moLPjcw-ux24-mwQbSKMawrJeXI0YzS3UD3ETEBot_I4kY_otYxejXrcr2YltoysY2ldGrjVgY2vbnTw=="],null,[]]
.innovid.com/	1970-01-20 02:42:35	Name: uuid Value: ab36222e-9257-4c71-b939-bd188dfec0c9-20220130 16:47:07
.doubleclick.net/	1970-01-20 00:33:02	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF7EbFNbrLNOOKIlp-bIXRg&google_cver=1&google_push=AYg5qPLaBLEf5esN0543EqZUSGyrq528PDmw3aWWeF3iqb_A81Gnm7UMMUbi1j3S0UoQCtva9QVzdMvbMhKrnbpJyIJyYpfEP2U Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
ad.turn.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ag.innovid.com
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
cdn.jsdelivr.net
cdn.retailads.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dsum-sec.casalemedia.com
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
futalis.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900013.redintelligence.net
hal90002.redintelligence.net
hal900026.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.rubiconproject.com
r.turn.com
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.cloudflareinsights.com
sync-tm.everesttech.net
sync.mathtag.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
ups.analytics.yahoo.com
webdns.eu.org
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.jagoanssh.com
cm.g.doubleclick.net
104.92.94.3
116.202.48.214
13.224.96.83
138.201.84.244
142.250.184.194
142.250.185.194
142.250.185.198
142.250.186.34
151.101.194.49
167.233.14.134
18.156.0.31
185.29.132.246
185.29.134.248
185.33.221.89
185.64.190.78
199.187.193.181
2.18.233.201
2.20.157.55
2001:678:cb4:bbbb::11
2600:1f14:d24:9301:dd40:66a9:6fd6:5d1d
2606:4700:3031::6815:5f9c
2606:4700:3033::6815:4859
2606:4700::6810:5914
2606:4700::6810:5f41
2607:f8b0:4007:809::2003
2620:112:f006:bbbb::12
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::200a
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a01:4f8:d0a:2321::2
2a0b:4d07:101::1
34.98.67.61
35.227.252.103
46.236.13.147
46.4.10.47
51.89.9.252
54.72.0.164
72.251.249.13
8.39.36.141
88.99.219.174
001e2715fd38044cebc280676c5776ff00a5352c637fde0fe3d598e3ae82b693
0038aa9ed4d1e13c44aa42702a80f572db33ce03089a82b32c60c0a3b446a881
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
07c1a4ddc1ca58f5ea6870d7d12ea467068c57338ef4b40ea2e9169622c77272
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
090dbba0b9af117640d424eccbf3fcaf3cee51f16dfe2fe1b630801284194c67
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
098bba5625937d07d651f3e13ba23aa1696bb92252b69e3f5a16a5b69800b0fa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cba6f9d9f0662efd4e460250bc5293950da78a309ed9a6c80659ade743f6e0f
0ceffe7f8dc8dadd003d2f363f5a0717ed4cab85afd5c23aa6f3397f51dc4769
0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e
0ebfc313a59d63927ed3d9c43d2210ff5594f2cbaf95137faf804b139b343bb7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
15b7f575ef8013b341a44f81bfde1121e34cc31ce82217380e34f3cde0cd04ae
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186da89d4e3a4c2e666054bde2c9b9684451afba0d22499b7c46ff05b2b71c5c
1af0bdf0a98fd7013d9cb5e587f6634341a8254511efadd771d0ed4a8cf7a813
1b4c7b236abbcddeddfe06ffef4146600d8437a6168ecc6d94aa7130bc658381
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c02a93417c62551493ed97235c99ef7b6ebd49f04e97005be613fdccfd98294
1c8dfc5e67b17f50316f8c627d2011d95a83b834c53681e9be10dd665424fd05
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d1aaffff8c70f7fa910784f6da780b400bf1ce37123186c01bf2cf251b89743
1d7391a8f93ff6e63fe238c1dfd7bb919404698e85e7de72534821cd91b0ff49
20d2b7472f76c7831a98ccbc252db65d4491a6c29e58d24d0c250c49cf91ed56
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
222c42671cdedbe826aaf231f6b1119d9d49adff13100d82c2cc297d086ca12f
256ab45e72d00811a252550bde3f17d2818b72e8fa2839b53c220ff8244cd6b7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28b06e0d559619508a6177a8e15e9b280c75fe70f53f0205a23ffcd5c05529a6
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c80429c52cd9db6bc35484ca9251b5717b93e77249d12d14b3d9d1d691756ed
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d13ac8664a2f3f61828693d4b717313a842261c427d5a5298c3c6d9ecd8a315
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
325715991e5065756a482444881c499f0e8bf48900416032b0cd1c793ad3cbd9
34a9266d3a2bff74d6b3233721767543fd0e57f4835cee714ea892f5497196cc
34ef825d1200a7fd65de67bd50216e4564db7344dd4c78fa7b53fbdd756c432f
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
416a4175b9e9a2cd86f7ce7276d53521204b552c560aef704ee612daf654ee5e
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
455af23717de3e11bceb3a34d2f34b9084f88c31533feb1c9b515ae79beb9424
47d2624e2edaac119158393b2705a224f485012a3ef6584cbf217f2d5bf60e70
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a3b01ac23a5794bf248c90d09d856bf0dbb3a9998f759280ae59ea73365f612
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b94183936f0779be9ebb031e139280604f6ec14768e1660ee8b45eef5d111d8
4c5325edabfb7a618fea7fb98d21d0940c941d4533c4e337923515685808a056
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f34dce1876f1252e49d0879d89279114caaa052e95b35315f264b632b1fcd0b
4fefc8f3269d15253364ace26d45d4946773d435a6f0bab3e5890b91c3cd7f58
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505832b0febadaa67469fbab3c0c6b2878db701cad5305689276528b349d0070
511543d9bdbb348ca15de71f0e2a6848c97d7620c4357543f24c923b0fab80fe
5442363bd6ec5eeaf3879064e39174d75d0daff3314700a316d1833b68c10dfd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cf12758deb08a462fdf37940746b9cd2cd2b4cb6464852f6c89af4107d872be
5e2bf5ae096cf3c9b078b3a3360931d86a33c7eb8e7897cb14e7f4b5e2188b4d
5eb31c1817c870043538269a7e2d0c6dd483fb5c6a743e81edf46e0cb09cc38a
5f93f0286980feac0bb1912db6302af4e359eb243107bd2695ba94135a4989bf
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61689f3f8cb81a680436abea2be12be3d73e9ecd33e6b281dfb9a4600e11aead
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66f813da14d17d7228fde504ae1e7f073d14876cd92f51abd3d8fe4cc5edf5bd
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0
6c55b098ddb1750a3a50709e64c3ff3adbd41597a1174b75f9dc0a6636227cac
6d17c191e5863bebf998cf621ba7ca1738a59ef7ea3db73a423c4a94b3e51f09
6d314ac02b2152fc1fe7e334c28b0968c7136c3f96c98bb7a846e4e1ede68b76
6d76008b112ea700919e9ec1ef978f6c4a8d7e94ccf4594920486625d6f36486
6de40905de741f102a7901a3e62cfbd9424555aa62d247ad8d68ec266d5dd92a
6fa82c9b5a2c86dbc50c757299b8afa6bdbc839e83501cac455f04195af74cb1
710a975426a0027b34f7cc6501a72c190d7480befae89d4afa69115ed8be93a7
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
7339a6b01e1dacaab8094bf1b1fc3edb7beda9bf32124a95c54534444f3c0caf
739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7
74ff9418c9cefe00d5c008ee0daed56389be2476f26a462ae27af671b2b5029b
751af7d272f028613431e3417b6ad1d44e8bd2b10c5c1f601122d1edf058262d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b1b9bb1655d869d3f665f031438d85870594ead470e527bf521660607c6580a
7c22b29ea6850ba0926ba3222b8bad1bfff9cccc30185ab5ec9e676125efdf34
8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e
8354ab5571ba5f27d4b26096f201e86426cb1365b53fd80fb6e91bed791dc9f2
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
85f93f61aafab804a71f970e99ce3b0b13ab4f5c53c1b152535bda6fc00850c8
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
879644896c5fdb364366c5efbf1cb7981527397b0f1455ae7fc4231b3c7061a7
8a26386fd133ed4f61924e6a17ff50a5cfa30a23dab6352d2e76cd8f615db0c9
8ca97650cc0f2d29d0b600f88adbda5fadb53f1126feb541913fd630dd67f44e
8ce776f6eec4192fffefc170c47a6b8de020e4804e884e71eca7ae9ea6072a3e
90c5e879a6bb719bd591edb94ed0a04539f91b5055a274575a38f7e14fb776d9
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d80fa44808b9011edded6804b3450868a7cb22add2cb7980c09e5bc903caf60
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0489701e93e6bc91552e355d841871d22adfcecd62abcc683a04fcab616dc5f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac34d7b2da7b6bb92d6a8cdd6a8708bc271fa7739947be98c9a7ceb55c424acf
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
aeead43a5572e3543fa56e7cd441f9ac5360c435360d7b951042ef75dfaee72b
af4e4e95ec92a7f33674fa60611f2d96e9c9aeafa9828076739bf20d08afac95
afb5c7e879c7eff34e6754095ac2607b1c7ede57ff77bee0f2a8e2eb26153b36
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34018b7febe19cb767cdfad90d7ef38458a38780ef8fa76c8a5162edf31b072
b8314d8688065526d4f5842b7a571cb34a685331c7c75b2159fa60bc1657445d
b9c59ad15fb8a4c919e6f16557d181e93eeb3210498495e8b6b345e0dd043ba1
bc531fa86bea442e30fdc7d547dd2e8f795c30a6366630e025fe9baaba2bb74d
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c06a882621fd2557172ac1c9e65e2487e6c4b0ed9c9658472911b347451b82fb
c420977971d8a84ba0a82893c3eb118389dee67767141ac81cef22837dd51276
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c4a0b5bdf6777c0df8e6c3c4c4ea50b1b4f69c218bdb0e9319dcd61f66b2e4b1
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ccbb07d96140c7b362a7354521f1b4df71f3eb6160ee83616a97bcc8d5be711e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cdbe1ef58468076aede420dea4b2fccbd9cb4e86cc1517d4b52db96f10b174e5
cee9118aab4a91f88c194ade05a1b2be68b66b2ce2dcc2cb5ca081ad39269ad0
d10c55737d31f7fe33161fc934c0272b39c013d2bb441093f70b03a364342986
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1dc026afdd8a9e5885ad5f6c3ad2d233358f4490d02b26567dbaa6d609f5963
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7db523878d8545d790ba921ace451f96ac60cd946cd8770d37012a116cc3e8e
dcfa3c266dc1db6bc5d452bc89db79ee64260416a21a03660d2048a2e7776f5b
e037b3c7b7441f8d0999a402e6d6c55679a29b1ed0be4c89ea44e46a698fc53e
e0825928eb732ce936f063676a8bde6ec18f3a6c84e00cc28504b41343f405ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48f566130bda8a3b3d344d365fa010b06611519a3f2d110faa73fcb506fa4d8
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e76ce1a225599c0b17c4a4c4b3b49bb0afdaa2b7e0bc7581ec5b9f524c8c5857
e7cf828a42f0727b31e76594e2ccbc4ff96963dbf366c5f11fcbade5218ba87c
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
edea4757f61c1a939af7dbe2a2c9cee16982c870a7ffe110948ae01503a7150b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dc407a28b9bc6862935d61896359353389c2c207b30d4d915b03e870d56ef8
f17d4f9759d02cdcdba50495a874d33b5e9f15ab2decb05b9343d4d3357f9457
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f2152b36944f90f3c925c0d1eff7c1d061ac52acc8b4a26691766e27d0b59138
f22f65bc2bc02fa5f8875914362ed1f17a464e7d1346fcbdea88d694c06158c7
f319c6a215938206737158adb32e9e89e978502432416a5237c7e0ee4a3ba3ca
f46c13313e4835d59e0e9bf14076cefe63b6614b96c468fc6c0cfc190b81474a
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fada4ef16159c4e4fc5a47b9b377215f1625096f49df7f74892a63e59c8ca038
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fdb888f1c9732cddf69c51e3b98306455a2e2aba3cb279c6ad28e6cd9ead756c
fe2026897e9821c921336dd6142e512eecd6a61efb6087bc23e37534299f0925

www.jagoanssh.com Open in urlscan Pro 2606:4700:3031::6815:5f9c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

289 Requests

94 %HTTPS

49 %IPv6

37 Domains

56 Subdomains

47 IPs

8 Countries

3420 kBTransfer

8072 kBSize

34 Cookies

8 Outgoing links

Page URL History

Redirected requests

289 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.jagoanssh.com Open in urlscan Pro
2606:4700:3031::6815:5f9c Public Scan

Screenshot
Live screenshot

Full Image

289
Requests

94 %
HTTPS

49 %
IPv6

37
Domains

56
Subdomains

47
IPs

8
Countries

3420 kB
Transfer

8072 kB
Size

34
Cookies

289 HTTP transactions
15 data transactions