Submitted URL: http://webdns.eu.org/
Effective URL: https://www.jagoanssh.com/?do=dns
Submission: On January 30 via manual from US — Scanned from DE

Summary

This website contacted 47 IPs in 8 countries across 37 domains to perform 289 HTTP transactions. The main IP is 2606:4700:3031::6815:5f9c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.jagoanssh.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 19th 2021. Valid for: a year.
This is the only time www.jagoanssh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
26 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
29 2a00:1450:400... 15169 (GOOGLE)
1 10 2a00:1450:400... 15169 (GOOGLE)
7 142.250.184.194 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
7 16 142.250.186.34 15169 (GOOGLE)
4 8 2.20.157.55 16625 (AKAMAI-AS)
4 6 185.33.221.89 29990 (ASN-APPNEX)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 185.29.132.246 30419 (MEDIAMATH...)
9 88.99.219.174 24940 (HETZNER-AS)
2 2.18.233.201 16625 (AKAMAI-AS)
1 4 116.202.48.214 24940 (HETZNER-AS)
3 142.250.185.194 15169 (GOOGLE)
3 46.4.10.47 24940 (HETZNER-AS)
2 2a0b:4d07:101::1 44239 (PROINITY ...)
3 6 142.250.185.198 15169 (GOOGLE)
6 46.236.13.147 12703 (PULSANT-AS)
3 104.92.94.3 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2620:112:f006... 6336 (TURN-US-ASN)
1 151.101.194.49 54113 (FASTLY)
2 2 72.251.249.13 29791 (VOXEL-DOT...)
1 199.187.193.181 47043 (SMARTADSE...)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 51.89.9.252 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
3 13.224.96.83 16509 (AMAZON-02)
4 185.29.134.248 30419 (MEDIAMATH...)
3 138.201.84.244 24940 (HETZNER-AS)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 167.233.14.134 24940 (HETZNER-AS)
1 2620:116:800d... 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
1 35.227.252.103 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 8.39.36.141 26667 (RUBICONPR...)
1 2600:1f14:d24... 16509 (AMAZON-02)
6 54.72.0.164 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
289 47
Apex Domain
Subdomains
Transfer
75 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
725 KB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 91857
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 210157
433 KB
28 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438
109 KB
26 jagoanssh.com
www.jagoanssh.com
682 KB
19 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 32669
hal900013.redintelligence.net — Cisco Umbrella Rank: 317735
hal90002.redintelligence.net — Cisco Umbrella Rank: 242766
hal900026.redintelligence.net — Cisco Umbrella Rank: 216179
100 KB
17 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
601 KB
11 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 3608
pixel.mathtag.com — Cisco Umbrella Rank: 1240
sync.mathtag.com — Cisco Umbrella Rank: 421
8 KB
9 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19799
api.webgains.io — Cisco Umbrella Rank: 60455
154 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
67 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
337 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
7 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com — Cisco Umbrella Rank: 293
37 KB
6 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44883
54 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
6 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14385
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
1 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 440
10 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
1 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 175237
6 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
63 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
878 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
r.turn.com — Cisco Umbrella Rank: 3243
878 B
2 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 250175
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1541
296 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
456 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1548
350 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 890
324 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1255
463 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 317714
409 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
336 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
75 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
177 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
417 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1366
5 KB
1 eu.org
webdns.eu.org
703 B
289 37
Domain Requested by
42 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.jagoanssh.com
29 pagead2.googlesyndication.com www.jagoanssh.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
26 www.jagoanssh.com www.jagoanssh.com
static.cloudflareinsights.com
19 googleads.g.doubleclick.net pagead2.googlesyndication.com
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
www.jagoanssh.com
googleads.g.doubleclick.net
16 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 www.gstatic.com www.google.com
www.gstatic.com
googleads.g.doubleclick.net
10 www.google.com 1 redirects www.jagoanssh.com
www.gstatic.com
tpc.googlesyndication.com
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
www.google.com
googleads.g.doubleclick.net
9 hal9000.redintelligence.net efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
www.jagoanssh.com
hal90002.redintelligence.net
hal900026.redintelligence.net
9 s0.2mdn.net www.jagoanssh.com
s0.2mdn.net
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
9 www.googletagservices.com efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
googleads.g.doubleclick.net
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 fonts.googleapis.com www.jagoanssh.com
googleads.g.doubleclick.net
hal90002.redintelligence.net
hal900026.redintelligence.net
6 api.webgains.io analytics.webgains.io
6 track.webgains.com www.jagoanssh.com
googleads.g.doubleclick.net
hal900013.redintelligence.net
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
6 securepubads.g.doubleclick.net www.jagoanssh.com
securepubads.g.doubleclick.net
5 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
5 fonts.gstatic.com www.google.com
fonts.googleapis.com
4 sync.mathtag.com tags.mathtag.com
sync.mathtag.com
googleads.g.doubleclick.net
4 8019191.fls.doubleclick.net 2 redirects www.jagoanssh.com
4 hal900013.redintelligence.net 1 redirects efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
hal900013.redintelligence.net
4 efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 hal900026.redintelligence.net hal9000.redintelligence.net
hal900026.redintelligence.net
3 analytics.webgains.io track.webgains.com
3 www.awin1.com googleads.g.doubleclick.net
3 hal90002.redintelligence.net hal9000.redintelligence.net
hal90002.redintelligence.net
3 googleads4.g.doubleclick.net www.jagoanssh.com
3 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 cdn.jsdelivr.net www.jagoanssh.com
2 image6.pubmatic.com 2 redirects
2 cdn.retailads.net 1 redirects futalis.de
2 www.googletagmanager.com adv.office-partner.de
2 ups.analytics.yahoo.com 2 redirects
2 ap.lijit.com 2 redirects
2 5994599.fls.doubleclick.net 1 redirects www.jagoanssh.com
2 adv.office-partner.de hal900013.redintelligence.net
hal90002.redintelligence.net
2 pixel.mathtag.com tags.mathtag.com
2 www.google-analytics.com www.jagoanssh.com
www.google-analytics.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 futalis.de hal900026.redintelligence.net
1 onetag-sys.com 1 redirects
1 ssbsync.smartadserver.com efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
1 sync-tm.everesttech.net efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
1 r.turn.com
1 ad.turn.com 1 redirects
1 ajax.googleapis.com hal900013.redintelligence.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 static.cloudflareinsights.com www.jagoanssh.com
1 webdns.eu.org 1 redirects
289 56
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-04-19 -
2022-04-18
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
www.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.google.de
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA
2020-04-15 -
2022-04-22
2 years crt.sh
redintelligence.net
R3
2022-01-27 -
2022-04-27
3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA
2021-06-29 -
2022-07-07
a year crt.sh
adv.office-partner.de
R3
2022-01-06 -
2022-04-06
3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-20 -
2022-06-20
a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA
2021-06-11 -
2022-06-16
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
*.webgains.io
Amazon
2021-03-12 -
2022-04-10
a year crt.sh
*.futalis.de
R3
2021-12-23 -
2022-03-23
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-22 -
2022-03-25
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018
2020-02-07 -
2022-04-07
2 years crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1
2021-07-17 -
2022-07-17
a year crt.sh

This page contains 43 frames:

Primary Page: https://www.jagoanssh.com/?do=dns
Frame ID: 571E9DCC96A619EA89A69CD85F14D324
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: DA5B1923B14E4973F949B85FA50D7304
Requests: 1 HTTP requests in this frame

Frame: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1927EF499D43D86A53B299F7109D48DB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq
Frame ID: 695FEB5A0AF682BD5BDEB4C4A2A3A247
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&adk=1812271804&adf=3025194257&lmt=1643579225&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=780&idt=209&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3569225387515&frm=20&pv=2&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=487
Frame ID: FB1745B1C86CAA5322A470EAF4604A8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Frame ID: 34F3269BDCBE73AFF690EB45DC090E77
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Frame ID: 325C9A87025A968B3EDBBC29755E3F32
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Frame ID: 806F7BE094C96D4A9CE1DDA408381012
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Frame ID: 28E7F4EBB3B04F733A621478BA0AC2EB
Requests: 14 HTTP requests in this frame

Frame: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 675B5278D35378BA60543E231545AD31
Requests: 12 HTTP requests in this frame

Frame: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D15CB2A891B68DAAEB3A52AE78D2DF36
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CAA595FFAFD74B709E6F7E28C6135041
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0AECD27F45EA961448CE88A19F8943C2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4
Frame ID: 423FB8D16CAA6988E79B4CF8F5EFA975
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI
Frame ID: DEEE66CFE312481046BB41678A738F2C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C411GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBM0BT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhExPiMLtk6Hb-H5q72m-X2bt_-7dtUahYcJuxzq-IECJCnyJO7C34AGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1NDM4OTk2MTc2NTkyNjYYAA&sigh=IT96SQTGi2E&uach_m=[UACH]&cid=CAQSGwCNIrLMnwsQm6HWa6VjQEB2BcY62NcOmTKllBgB&tpd=AGWhJmu2V7K1R9Y7c_08jdZw97LCdBoYJ_Odr_ph4edFSaeec5gJkh1rofzMCPhqLoJMhYUPK8wPrCDlBEW50TbSEeYntm_ffFzzhCYRj6DaRZAPSJBFBioPdPEVHJd5kTOWrREwe-f8_OoGyIBhsc2mXI4JU7LXjDWRtnG3OgePCr3p3aLHiEkTtjKGq37c_jB1GlPQmoVicPZ43I0He5XN21cYlBKhO4AC1iVlBijQBnw4CyGelONsUrT3-ndNq7vmqfovO__0GgUwR8CrsT6kDS1zFL2uI3UNxnyzwlUmWWsDD0hf1awu8xxgtZJsaAjdcqTbhvM4ZMiBmUCar3kuXwelyjP_oDRcwtO9vojwXnLU_6-Ktog6Dcg_qoOMSWxal1A4j1Z1O0Tl1tYAy9ZfgAMKzXEURbTVt3B0-scmuWWncbAYHLNNTLXpOXCesA5zVXdVo2RpLQagdolJ4p87TBI35MfgNt45Nrgb01k-hff_6mdTvG_G6TAIi45eYwWBJug0Xhte8JqYj608PE5h2yZ88Yec_A04UgcYnuNcKO2fztWw0w0PQocPu9h1_jecjD2jbOFGh2yifflLpIwUJKUtmvJ2SZh-gq6s0C-Lsqbd0lllPE0VR915ysjBLBAkl1sD23jfyB-KMczADrGjapUFCaBYBt8u9v2Ne3t2Xqay4ZwP818VWzuwwgI_rYxjQR_eZR1L9iY12jzEADOQ6u49jqWduvfsOfhV_2QVMxRGrpjYeEDoqWW9hkPboBrg4yqWIfsP6LLaNlICRNGChwxAeVu7sMYwF197Q2MSNNuKWsMCsgO13Y1gzQ40hfvf53l-UX99HA3hf1cNw3ZS6gtMsP3-aiZy8sbYyjKNhcGF0hz_y_D54NvD1Miz0rMMjtgS453iORZSUskFhEoQNmyVaWfTFD4Av0OwZkJ1f5fDHvaL93PG-r14GXLMCQVzDu_yQEYgPR6x6G731E0f2mKkbQ-hvswJlRiu_jmjGrWzfdK26rQjIf7tSt5DJH_LVwKB1qN4YAN11n7-JnhKlgzVLJSebQUr0893bdzoiGGnJfx1Y_6Hz9O30A8iRdwHRN4
Frame ID: F971CF5EB871AF17ACA6BC7A1929238C
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT
Frame ID: 94056CF71D5B42D0D80BA0139AFCF35D
Requests: 3 HTTP requests in this frame

Frame: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C8B26BFADE78A16DFBA2C3A7EAB32F1B
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B6E63A115B41FF37A910485AB72A5D31
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
Frame ID: A736C9D8C7BB12267901B9E8A5FFFA9A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4B8F7CECB30FA14ACD30360B032B1B34
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Frame ID: 49F04738AF45B4353969C5C85B01FBF7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8056A8C1458B0BAC8131CF0707454E51
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B9FD9258A46965BB80E250925B9F3D97
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: 51AEDC8A356D80F37D0527AC6A5AD758
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Frame ID: 01CE35C284AA3B074CEBD2ED12074A22
Requests: 5 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: EB48C01EABB5B3983E20B4B2FB2AE194
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496
Frame ID: CCA0E9E76DD02E13D105AD496E46FFFA
Requests: 2 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Frame ID: 01ACDCD8925693E6B70A549FB1B59D76
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: BD91AFD2FA6479F30E43A1207ABBF76E
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685
Frame ID: F50776475F588A3A158DCE961D2C6FC8
Requests: 2 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Frame ID: E990E161D5F1DDC508085F9A4C3C12FB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 506414BDB37AF6FDE41CA60A8C9D4008
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: 64D499A87280EEECCE599CF892476C56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cd7ORWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBM0BT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efzPq3yosWd6t1-JD4FBRg4_TpRbWLYchVSJizxpmoTNLI2mJaUGiIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1NDM4OTk2MTc2NTkyNjYYAA&sigh=B1zBeSa0rA0&uach_m=[UACH]&cid=CAQSOwCNIrLMZzozKNNcu_ve53PBzw3I8XOuAf_MgGC-FkM-D_zBcm95gcGBszbOMMDd2MIyQNSuzU5phSBBGAE&tpd=AGWhJmsIBw8oNEhb0EyKSfg6qxkQ1kKrHBx182qlNfrmuygUMTZOmiEhl7bz4K0acEKNqLHm6SLXKW30I7dAcvRH-zDvWNftWPT2W1sSpvheSjpTBYA2yiDS37u-1ZoHmkxNhiwfM7f2j_B5tjQae3JUX0NXkw9qNxioq4VZsTqFcZcezpBV2cyRE1-RtAYEyBhTG14RIVriLCsCR54rvZAo93P5OAHaCFQiA1BcxXax4OJqlqw0PwJNCNYvITJ0H1aK4SHrwEPc1YDwjY04CTGAHhXo5iNDin-le5BYOKw8jAdDt1KZr1QJfzrNrI3129ZVf_16tRuHw8Or2liy5Uu82cxQcYdz9k1Buj-8y8XkT_s-YSyMaRA44NHIQ9OThk_jegG0Xn4wngJhti97KydXgDGpHcpETuAnF3ueUr22Ec5LALCROTgjN7Xjjqyj47cmOP9YiKFj6lyRWhGyE8iJlBmEm0G6HOHUxR1DkX2wD5QkCXDD4R9oSfoseIRfxQGCwuGIlaFMQuBjL98Oellkj6KQ750DcZhO_jteeQOQGq0o4Vv4wSgBVQxMSN4v9w47Le36PTub-ehx5UuR_TJrfdX8vStUaG9lNSeci8c-ioH4QFUG8n44TEjxV08Zt8yJ3J3oJ1yJXZH9yI1nSI2uRNuqe5edUSVIxKuBdqfC0TCPqpICAbfCmXvii6RBPI-arOyBiM6Sd7LJnEp2EK1c3Fn0kTIjFu2ruidyx9AWsVD3NfuT8xg0RpCzjbgKbx4uCfDxvkeZjNWH-g4DWDN4JFwmpLVJd5io2bdvclcR0k8rwHfjqs_PFI5WlMTOEyzp3KlNOuxgjUHi3pXl4yGG_FTLX3OL_ecynoSi72oHNDKO4-SJ4fG4sDhs6EGSA074Wyl_fQqi_EOu4llE63rcrYGpvjBYjkXEoPohJp84wmxfqLtW_mv7CTGNcvtnyhjqrF0wAWep9AShYezJ9IyWELZ--9ZnuQ3g5AmDRPPBct3qTklUU-CBuDb5WtFplUrn0ev2nRWmKfKEQ8HMcnOWSjNcKpNxUgeMGKAFDDVTsKYI67KMWCt6BVVLaDQe0M5qDbc3
Frame ID: 04CD8F3D9E8EAC9329DC9CDEF6FF1A60
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: 6BC31ED83393A7E398106398F45E227D
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 40523219D26DA98F0B16809B6F6A5085
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: DA19BB6FAF9EBC1B2DA63ADAA2F1E116
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315
Frame ID: F5FA63FE957170F1C60F733BDF201ABE
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937
Frame ID: 977E946BCE8FFE5D592D408E834CC7DE
Requests: 2 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Frame ID: A955E3C6DD4CBBF9F20E75C1665D2CC1
Requests: 6 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=6ae361f7-0759-4801-9b9c-a4255d0a1d0b&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Frame ID: CF55A4EB04276973A84B9981BBBA7816
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7C6CA75B5AD7343B1B09743276DBC001
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

FREE CREATE A DNS DOMAIN TO AN IP ADDRESS - JAGOANSSH.COM

Page URL History Show full URLs

  1. http://webdns.eu.org/ HTTP 301
    https://www.jagoanssh.com/?do=dns Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

289
Requests

94 %
HTTPS

49 %
IPv6

37
Domains

56
Subdomains

47
IPs

8
Countries

3420 kB
Transfer

8072 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://webdns.eu.org/ HTTP 301
    https://www.jagoanssh.com/?do=dns Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
Request Chain 88
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfcHWTFfNurtjbe-4o1kHAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOz7cA0YkVpxBDpor-NXKQg&google_cver=1
Request Chain 90
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MjY1NTYxNjc1MjgyNjY3Ng%3D%3D
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
Request Chain 92
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfcHWTFfNurtjbe-4o1kHAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
Request Chain 93
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIGxb-mFVUizFuy0IJ9U698&google_cver=1
Request Chain 94
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTI1MTIyMjMwMTEyOTgwMA%3D%3D
Request Chain 134
  • https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 187
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496
Request Chain 192
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685
Request Chain 213
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1&google_push=AYg5qPLq1MxuRLEoVyY-UlEZwbgCkbXWsf9SP2SWxZ7w4U1ms8vka-Tbec_dsDkY0ja8AExAJisK9RjHvI_DGbTxUXOp8iGB_sM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1NzM1Njg3ODU3NjkxNzI1OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1
Request Chain 215
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIqVpoC75wsCKahE5mab900&google_cver=1&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIqVpoC75wsCKahE5mab900&google_cver=1&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY&google_hm=4c1a1832a5f6f85bce99e99d
Request Chain 216
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEFRSYBDloDZ9HEAvXQA4clQ&google_cver=1&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
Request Chain 218
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOrWedbDBnULT7eoHraKyGc&google_cver=1&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHCdNsU-LC2ziMa24UdNFVvDppK3s HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOrWedbDBnULT7eoHraKyGc&google_cver=1&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHCdNsU-LC2ziMa24UdNFVvDppK3s&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZ1ZHamc1RTJ1R2xlMVNZV24xOElRX1BoN0lzUU9sbH5B&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHCdNsU-LC2ziMa24UdNFVvDppK3s
Request Chain 219
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFRSYBDloDZ9HEAvXQA4clQ&google_cver=1&google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIaty1z4B0LR8EdIpsPU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_hm=google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIaty1z4B0LR8EdIpsPU
Request Chain 237
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 261
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=98481800237293200951389011855026&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315
Request Chain 263
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937
Request Chain 277
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDyL61hQSM7fE35eVycugGM&google_cver=1&google_push=AYg5qPL7n4MuBQtB_XflXd9fqG-V0RW6R1yrtmWwhR9X_LnFJ96vbf3KU8We1vGXYTDu7lAS3Og1gz35Cx1uZh0Qfns4yVNYvNN6 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDyL61hQSM7fE35eVycugGM&google_cver=1&google_push=AYg5qPL7n4MuBQtB_XflXd9fqG-V0RW6R1yrtmWwhR9X_LnFJ96vbf3KU8We1vGXYTDu7lAS3Og1gz35Cx1uZh0Qfns4yVNYvNN6&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZLiQrroSQU-xrrPK76QOPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7n4MuBQtB_XflXd9fqG-V0RW6R1yrtmWwhR9X_LnFJ96vbf3KU8We1vGXYTDu7lAS3Og1gz35Cx1uZh0Qfns4yVNYvNN6
Request Chain 278
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELWzhwyRDRCWiYGRZsyNNRY&google_cver=1&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli6tfu6Z4wm69PMU9g4-U8hs1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oxU01XRk8tNi0yUjla&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli6tfu6Z4wm69PMU9g4-U8hs1s
Request Chain 279
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1

289 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.jagoanssh.com/
Redirect Chain
  • http://webdns.eu.org/
  • https://www.jagoanssh.com/?do=dns
28 KB
9 KB
Document
General
Full URL
https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
07c1a4ddc1ca58f5ea6870d7d12ea467068c57338ef4b40ea2e9169622c77272

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 30 Jan 2022 21:47:03 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2kba0vt%2FomPypwabXBvYW8BxidTuNNEbTWHz4fXDqXktRubtnR%2F%2FcUSZO9gTNT0YyWgzIk5IOFvKc8x25Xf8UwcfczYJplBAA7D7BV5JDodYdQLaAjexooziJg0qX4IP6H5ag2Vxw1VVKlVtbd74Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d5de5831ae99004-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Sun, 30 Jan 2022 21:47:03 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 30 Jan 2022 22:47:03 GMT
Location
https://www.jagoanssh.com/?do=dns
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QofQmG0QldFFKrl5UV0Jq1PBCkwIh%2BgBQgsZhWMUW4mlxdFS%2F8bb74NVxXgRR0iz94eQFv5UIohFrlr%2FEzor6tdmDFMzKbKN0Go4p7bX%2B9eF%2Bz7gwBceRH8E0bi03qkl3USLv6hcjSINJgxZ"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6d5de582bd108fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rubik:300,400,500
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a0489701e93e6bc91552e355d841871d22adfcecd62abcc683a04fcab616dc5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 21:34:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jan 2022 21:47:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jan 2022 21:47:04 GMT
styles-merged.css
www.jagoanssh.com/scss/css/
236 KB
36 KB
Stylesheet
General
Full URL
https://www.jagoanssh.com/scss/css/styles-merged.css
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46c13313e4835d59e0e9bf14076cefe63b6614b96c468fc6c0cfc190b81474a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315454
cf-polished
origSize=276442
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKvbWeOwY2jtNaA0vdbo92UfDs9LC4xmo1p980H8qBTGSdRbOpY708jQot43sbQYPWaPK102qeOEh1KV2%2BPVlduL6E57AZRTZE%2B7F8%2B5h166Hc2gRh8tQ5QAjwZxwM3PClH3tF%2FnTPKsSWSdDwZiTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de585b8ca9004-FRA
expires
Thu, 03 Feb 2022 06:09:29 GMT
style.min.css
www.jagoanssh.com/scss/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://www.jagoanssh.com/scss/css/style.min.css
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222c42671cdedbe826aaf231f6b1119d9d49adff13100d82c2cc297d086ca12f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
208567
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KegUzhY4AzIH7YJAT7jF8j%2BiEx4HbSwSDQ6lXbGqBBJ4%2FAPW40BM7KQGqzRYLl3C%2F%2B4NID%2FCUtwYCAznVvt%2B7aH%2BPPiQakinjujwC5huvX5X1DJEP%2Fhzv49%2B%2F4O%2FAgJVMQZPx1QCTyfJfITUm9jPZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de585b8cc9004-FRA
expires
Fri, 04 Feb 2022 11:50:56 GMT
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3415
x-jsd-version
3.1.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19136-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6d5de585dc805c26-FRA
bootstrap.min.css
www.jagoanssh.com/scss/lib/lib/bootstrap/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://www.jagoanssh.com/scss/lib/lib/bootstrap/css/bootstrap.min.css
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331127
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAAztXfSugFj1ZNaQx18c53KHLAE04SHkpxKrXf172mLNHumKnYAQcdqPke%2Fus0hJ88oy7pvtwwTI9afwA9rhlH07qFcKrmx4lJzOqmVTD4fQBijuU5RY2YqHOvH0P%2BP%2BufgufTLAVCGjFVCX7hQzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de585b8ce9004-FRA
expires
Thu, 03 Feb 2022 01:48:16 GMT
style.css
www.jagoanssh.com/scss/lib/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://www.jagoanssh.com/scss/lib/css/style.css
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fefc8f3269d15253364ace26d45d4946773d435a6f0bab3e5890b91c3cd7f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
417259
cf-polished
origSize=26956
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BKV8%2BnT%2FzaEClXzJa%2FTP3dDSy%2BJAgLc5FpmPAyrpzb48csAQI7f47eyYxX0cJAWgG0ARuwi297cw6JApjH1NrLBgVCxC0Vsp9sYBGUUEGrYqhdLgdRgTpqOZystKJ%2BkkW6R%2BdjumMdbcaLSbrdGIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de585b8d39004-FRA
expires
Wed, 02 Feb 2022 01:52:44 GMT
font-awesome.min.css
www.jagoanssh.com/scss/lib/lib/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.jagoanssh.com/scss/lib/lib/font-awesome/css/font-awesome.min.css
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
286151
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xm6nR%2BRGwlCy896cW0bEVYAX6018yswkfz9HV%2BQWNHz6OLTB7YSygrCl5t54tScSjzgnm1BC8geRepdxfd%2FHXswFGhmOCV5QRswZ256ZTkmNRlHCYxX%2FZyt6wCP6sZingMV%2FhAQDbq9M3qxYK16w9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de585b8d59004-FRA
expires
Thu, 03 Feb 2022 14:17:52 GMT
invisible.js
www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/scripts/
43 KB
15 KB
Script
General
Full URL
https://www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7db523878d8545d790ba921ace451f96ac60cd946cd8770d37012a116cc3e8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3626NByZg9zi54cRb6YrYaOZeBbR3Ksczm0fX1aS6UCELkWLySiCCePybq3deZ8qtXt0n8a%2BrsEQFSxbELXwDdiHHoijA0ezHtFySKlOyFC8tG0PT1lxK8KLXZu8aDYYrPt3qMVHkiWRnNrVAcDbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6d5de585b8d79004-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.png
www.jagoanssh.com/
3 KB
4 KB
Image
General
Full URL
https://www.jagoanssh.com/logo.png
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c80429c52cd9db6bc35484ca9251b5717b93e77249d12d14b3d9d1d691756ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331127
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3300
last-modified
Thu, 21 May 2020 08:32:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpruxiB4IwEYSH12X9Xxb1N2GBJVorV9Pc0cuEjMVWo843UJnrMab2vvezAdMrv8LGvVHwzW83e4wJNHXhG%2FcTkwffLQ9L9zm%2BStjRRGb5ipgcgQyvN16GxyRYj3WP34gV6nhq5A0ieGbBTP0PgLyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6d5de585b8dc9004-FRA
expires
Thu, 03 Feb 2022 01:48:16 GMT
home.png
www.jagoanssh.com/negara/
196 KB
196 KB
Image
General
Full URL
https://www.jagoanssh.com/negara/home.png
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b06e0d559619508a6177a8e15e9b280c75fe70f53f0205a23ffcd5c05529a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331126
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
200221
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFcnNqHnB91adYsroE9w35S6DPRSzbxsC4vUjBS3jujzhdfS9i2tp8eZMsGtA7y%2FOn51t%2FT27hqQGm6hP5oke3O9VcIqADCwBOTSk3cxDyDlYV%2FLjpsB2EUMpePC6j9fXcd0QlWpN3Ajb%2Fd6Wtr%2FyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6d5de585b8dd9004-FRA
expires
Thu, 03 Feb 2022 01:48:16 GMT
playstore.png
www.jagoanssh.com/assets/img/
14 KB
14 KB
Image
General
Full URL
https://www.jagoanssh.com/assets/img/playstore.png
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331126
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13957
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTvusAO8s%2B6M5qBn0nAK%2FJ%2BtMnpN7ErhWriSKpgNduOkMVlIaJ5I00IPWrzuoTOIA%2BgF7iuSfKgJkBC8GvmSkYIpG7DJBzxJZxJaar8U4wN1SBxiVQeJvWJKIbXOYD7uM4OuxeKufaSsOuk4x73qyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6d5de585b8df9004-FRA
expires
Thu, 03 Feb 2022 01:48:16 GMT
rocket-loader.min.js
www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 27 Jan 2022 10:01:18 GMT
server
cloudflare
etag
W/"61f26d6e-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDGxwurxysI%2BNFIHd6ICcodyQiKWaxmWEuptEu939igb%2B941oglASULqaKQlYsq8TaYSCODIHeJMGkNTmsE%2FFU792K2QK0f6MlYZgVBAjR0e7d1L5FthSp%2BURWoJzsfu4rpLm3Y6ezwc1t49VHGwxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d5de586380e5b8c-FRA
vary
Accept-Encoding
expires
Tue, 01 Feb 2022 21:47:04 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.jagoanssh.com/
Origin
https://www.jagoanssh.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d5de586685a92ad-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
149 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
751af7d272f028613431e3417b6ad1d44e8bd2b10c5c1f601122d1edf058262d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53059
x-xss-protection
0
server
cafe
etag
9712386660504255461
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 Jan 2022 21:47:04 GMT
api.js
www.google.com/recaptcha/
850 B
968 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
61689f3f8cb81a680436abea2be12be3d73e9ecd33e6b281dfb9a4600e11aead
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sun, 30 Jan 2022 21:47:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
5cf12758deb08a462fdf37940746b9cd2cd2b4cb6464852f6c89af4107d872be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27099
x-xss-protection
0
server
sffe
etag
"1118 / 660 of 1000 / last-modified: 1643411190"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Jan 2022 21:47:04 GMT
fontawesome-webfont.woff2
www.jagoanssh.com/scss/lib/lib/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.jagoanssh.com/scss/lib/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/scss/lib/lib/font-awesome/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.jagoanssh.com/scss/lib/lib/font-awesome/css/font-awesome.min.css
Origin
https://www.jagoanssh.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
368997
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urphRfz6Qgk2YGkEpInrNARZE6BbxxNbcxyMIvt63PKH8BoiRpspfn9GPukABLKqas0v2qffD8qywfWi3Uej8xQ6S1QgbmE7IsWFNZJGNjPOMNSyYizmSAGIImJjRi0mBW6yxJuzZLPody%2B30RskHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6d5de586a8e15b8c-FRA
expires
Wed, 02 Feb 2022 15:17:07 GMT
icomoon.ttf
www.jagoanssh.com/scss/fonts/icomoon/
207 KB
112 KB
Font
General
Full URL
https://www.jagoanssh.com/scss/fonts/icomoon/icomoon.ttf?1z9v6x
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/scss/css/styles-merged.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7391a8f93ff6e63fe238c1dfd7bb919404698e85e7de72534821cd91b0ff49

Request headers

Referer
https://www.jagoanssh.com/scss/css/styles-merged.css
Origin
https://www.jagoanssh.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
563847
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJ8TTZkwfwMibg4c0MdCbJKphakki7ef16DgPJCo84rtEVTCScwiHjrKq1FcPrvEX4V%2FgmZo40yvihwIhnPzxC4biwsp51VXiOIWq9pdHGwxEsuJw9p5Mg8I1Ak978rL4dGM5C6Cnou%2FSCjoEWRFTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de586a8e85b8c-FRA
expires
Mon, 31 Jan 2022 09:09:37 GMT
pica.js
www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/scripts/
19 KB
7 KB
Other
General
Full URL
https://www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b4c7b236abbcddeddfe06ffef4146600d8437a6168ecc6d94aa7130bc658381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6j%2F0XouvS1HFhv%2BuORwbYxz4mfTsR0wf3DpTCGEufNBczfyB5HTYb3tr3lk%2F7OAKPDRlNFkAp7NKMwDWD%2FLMUyIqKqmAmdBBh9vS3QT%2F%2BWlSN1aBzlM9UyNWw8p3piTPvMNfSqbkZR%2B19DsHw%2Figw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6d5de58a3ebf5b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6132
date
Sun, 30 Jan 2022 20:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 30 Jan 2022 22:04:52 GMT
font-awesome.min.css
www.jagoanssh.com/assets/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://www.jagoanssh.com/assets/css/font-awesome.min.css
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
370396
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVLCwpWl0qrCWZ4Sdv64W5wKi8eBq3s5rGyn2NGsd1hJ8WRh7jAtN%2B4Rkr4kSkLKQ8GLeXTyuxKWMRIAIJVttOeLaO1ywVzKJHHw9EulpTKVuQl4OxnVccG05aTsSSVdapNFV3rceBEFdS0T4QWR9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de58a3ec45b8c-FRA
expires
Wed, 02 Feb 2022 14:53:48 GMT
pubads_impl_2022012506.js
securepubads.g.doubleclick.net/gpt/
354 KB
119 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122264
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 15:13:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 21:11:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
197 B
147 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.jagoanssh.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8354ab5571ba5f27d4b26096f201e86426cb1365b53fd80fb6e91bed791dc9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122
x-xss-protection
0
expires
Sun, 30 Jan 2022 21:47:04 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/
287 KB
104 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2bf5ae096cf3c9b078b3a3360931d86a33c7eb8e7897cb14e7f4b5e2188b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105952
x-xss-protection
0
server
cafe
etag
14780350822432706883
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Jan 2022 21:47:04 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame DA5B
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Sun, 30 Jan 2022 15:32:23 GMT
expires
Sun, 13 Feb 2022 15:32:23 GMT
cache-control
public, max-age=1209600
age
22481
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
recaptcha__de.js
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/
355 KB
141 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.jagoanssh.com/
Origin
https://www.jagoanssh.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 20:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143285
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 20:54:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
149 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc531fa86bea442e30fdc7d547dd2e8f795c30a6366630e025fe9baaba2bb74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53059
x-xss-protection
0
server
cafe
etag
1510053659784789339
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 Jan 2022 21:47:04 GMT
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/
20 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3412
x-jsd-version
3.1.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19183-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6d5de58a89f45bf5-FRA
fontawesome-webfont.woff2
www.jagoanssh.com/assets/fonts/
63 KB
64 KB
Font
General
Full URL
https://www.jagoanssh.com/assets/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/assets/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://www.jagoanssh.com/assets/css/font-awesome.min.css
Origin
https://www.jagoanssh.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
311361
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64464
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=305zBuuyBng5Q5tfhj45rWnL6GQ7tvqXSudFKdLYRywNKlPosxCMhimVYh5a2IDfF%2Bs19d0LF8XNd8%2BKhe2EwpwecDmAsD%2FPDdvWZ2q1MWXGoPyTNDHAlDJl7aS6yhxErHegX%2FxuiWdpF1HnCpXCPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6d5de58a8f255b8c-FRA
expires
Thu, 03 Feb 2022 07:17:43 GMT
scripts.min.js
www.jagoanssh.com/scss/js/
243 KB
76 KB
Script
General
Full URL
https://www.jagoanssh.com/scss/js/scripts.min.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1dc026afdd8a9e5885ad5f6c3ad2d233358f4490d02b26567dbaa6d609f5963

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
224042
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx834nVJEae2Hmt4Hjs45PVzKFYEB6bnw2UokmemVZJ2WqZgb%2FkQTcpUnFCzt0839YcdTquHSavNqmvSe3lW4xoPNZNa0%2BNMk3Y%2B5FUriMkoO3QqBQ9G65mvMFlh%2BzYulz6zSi9kA%2B4kwvIUGFnoQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de58acf805b8c-FRA
expires
Fri, 04 Feb 2022 07:33:02 GMT
main.min.js
www.jagoanssh.com/scss/js/
5 KB
2 KB
Script
General
Full URL
https://www.jagoanssh.com/scss/js/main.min.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06a882621fd2557172ac1c9e65e2487e6c4b0ed9c9658472911b347451b82fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
376474
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrhqLzKV%2BaN7I0%2FkMLODf2nPYzTQugRIeQYKtk5778l6d8aDe8A0v%2FaKamF%2Fmnfh4l%2FSi3sHKURUxw089IeC4zc1N5fv4ZshxB9AXQMqWc61xUpdUcKa0RlnfBBgLlPNvQKN0lWokIRo1x8HF8HMAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de58b2fdb5b8c-FRA
expires
Wed, 02 Feb 2022 13:12:30 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1169998463&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&ul=en-us&de=UTF-8&dt=FREE%20CREATE%20A%20DNS%20DOMAIN%20TO%20AN%20IP%20ADDRESS%20-%20JAGOANSSH.COM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=141262704&gjid=450773422&cid=38563035.1643579225&tid=UA-120286388-2&_gid=2020073826.1643579225&_r=1&_slc=1&z=690551598
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.jagoanssh.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.jagoanssh.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.jagoanssh.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.jagoanssh.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
56 KB
19 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2827458361515167&correlator=580329171149441&output=ldjh&impl=fifs&eid=31064561%2C21068767%2C31060890%2C31060032&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=160553881%3A22641338472%2CJagoanssh%2CMR1%2CMR2%2CSticky%2COOP&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=336x280%7C300x250%2C336x280%7C300x250%2C970x90%7C728x90%2C1x1&ists=1&cookie_enabled=1&bc=31&abxe=1&dt=1643579224881&lmt=1643579224&dlt=1643579223933&idt=925&frm=20&biw=1600&bih=1200&oid=2&adxs=632%2C-9%2C315%2C0&adys=6435%2C-9%2C1110%2C6830&adks=83614399%2C1833107731%2C2385447796%2C3823591854&ucis=1%7C2%7C3%7C4&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&vis=1&scr_x=0&scr_y=0&psz=1600x6829%7C0x-1%7C1600x-1%7C1600x6829&msz=1600x0%7C0x-1%7C1600x-1%7C1600x0&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=true&fws=4%2C2%2C516%2C4&ohw=1600%2C0%2C1600%2C1600&btvi=1%7C-1%7C0%7C2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
505832b0febadaa67469fbab3c0c6b2878db701cad5305689276528b349d0070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19421
x-xss-protection
0
google-lineitem-id
-1,-1,-1,5633080992
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138341717877
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.jagoanssh.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1927
6 KB
4 KB
Document
General
Full URL
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 30 Jan 2022 21:47:05 GMT
expires
Mon, 30 Jan 2023 21:47:05 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jquery.form.min.js
www.jagoanssh.com/assets/js/
15 KB
6 KB
Script
General
Full URL
https://www.jagoanssh.com/assets/js/jquery.form.min.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa82c9b5a2c86dbc50c757299b8afa6bdbc839e83501cac455f04195af74cb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
574189
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqqMTdWnZ%2B6%2FOsu8NwjZZuXktAA7ei3pHarLT1cIu0lqRw%2FnNhJ2WZew8LgEgXjA63b%2FTa%2BXFb5SnlCNDa%2FxbTsUgyxe3udohJT0WXljxceCvmb1q1%2FLaI%2FEgqz4XmHbuvfpDDgkys3AlFWB3sSZ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de58b98775b8c-FRA
expires
Mon, 31 Jan 2022 06:17:14 GMT
ca-pub-5543899617659266
fundingchoicesmessages.google.com/i/
89 KB
31 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5543899617659266?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b8314d8688065526d4f5842b7a571cb34a685331c7c75b2159fa60bc1657445d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uKO81RZctV4cVuiPbTw+XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-uKO81RZctV4cVuiPbTw+XA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-uKO81RZctV4cVuiPbTw+XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-uKO81RZctV4cVuiPbTw+XA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
date
Sun, 30 Jan 2022 21:47:05 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
app.min.js
www.jagoanssh.com/assets/js/
3 KB
1 KB
Script
General
Full URL
https://www.jagoanssh.com/assets/js/app.min.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2026897e9821c921336dd6142e512eecd6a61efb6087bc23e37534299f0925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
460410
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EiW%2BSzteetRFmqXD7ohiLOWi4cWDH9U7ISYFmINhIqwQOgSBhhuk%2F3Gjbx6Nr5Gx8TxWIm3GyoFlycIXmz9mFNcsD%2FzbsMh1xutQxerrm7Ell9DfrErtMDHKdPEPSRbrBOkuVrtlAaRia5ckRZDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de58c090e5b8c-FRA
expires
Tue, 01 Feb 2022 13:53:34 GMT
mobile-nav.js
www.jagoanssh.com/scss/lib/lib/mobile-nav/
1 KB
1 KB
Script
General
Full URL
https://www.jagoanssh.com/scss/lib/lib/mobile-nav/mobile-nav.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098bba5625937d07d651f3e13ba23aa1696bb92252b69e3f5a16a5b69800b0fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
482389
cf-polished
origSize=1413
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lr2vDOaz9QJrN8FYG7mOqVcQWFT4P3wAARKfUWWyF91zTyB8N8L2TAV2w2%2FIfYIqLGzAv5Lwvrt16n6ykz9DtpuMtey6NNeXgNXUulRkt5tEClnXSrNrbSDWax7eNXMjowWbq3BHzsf68fEqDCk2Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de58c292e5b8c-FRA
expires
Tue, 01 Feb 2022 07:47:15 GMT
wow.min.js
www.jagoanssh.com/scss/lib/lib/wow/
8 KB
3 KB
Script
General
Full URL
https://www.jagoanssh.com/scss/lib/lib/wow/wow.min.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d76008b112ea700919e9ec1ef978f6c4a8d7e94ccf4594920486625d6f36486

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
224041
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7RwUd2CyYv5WTIFxXX8WiRN5tGtfQe4%2B30b6hadJANisTc70aQ9yYHBY7pxpfkX1wwzELT4Wg%2FeqQT0jI%2B%2FYS55EnIhwKdYx7uD3BBKZvzQhhAYcCk34Kk7VxHC6%2F%2BSd%2BQNksJsVmbls7PdYncsoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de58c39555b8c-FRA
expires
Fri, 04 Feb 2022 07:33:04 GMT
waypoints.min.js
www.jagoanssh.com/scss/lib/lib/waypoints/
9 KB
3 KB
Script
General
Full URL
https://www.jagoanssh.com/scss/lib/lib/waypoints/waypoints.min.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
376469
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHTG9HbCmd931AGnK4bY%2FLNBAo6VSJbfx3%2FOe4s1zke7ZhOO16BKOp9XUWSF0soEndt08Q1z87Mr8x7t4K3KPcVI4kWStLllS%2FoJ0TyjCL0B1AmUpxT4%2Bgz8uM4Fq4R4B9Pcq3YzaJxmISZY4pOzsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de58c69935b8c-FRA
expires
Wed, 02 Feb 2022 13:12:36 GMT
main.js
www.jagoanssh.com/scss/lib/js/
2 KB
1 KB
Script
General
Full URL
https://www.jagoanssh.com/scss/lib/js/main.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb5c7e879c7eff34e6754095ac2607b1c7ede57ff77bee0f2a8e2eb26153b36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/?do=dns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
482390
cf-polished
origSize=3840
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 09:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWTDmGK7hGRLMKwmmek8kiTzApBeMYKXt3xBWnhMwtAz1BcqkVEgV3reeO%2FPBmJIrN67QLpGNFGZx6V2T1llo8DmbaVakCjnteohiUVoJlb4xnL1WgtFwc2WYs4qTJGINGTY%2FCR2gnhzibKPwMyjRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d5de58c99d45b8c-FRA
expires
Tue, 01 Feb 2022 07:47:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012506&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
455af23717de3e11bceb3a34d2f34b9084f88c31533feb1c9b515ae79beb9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9032
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 695F
41 KB
21 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8ca97650cc0f2d29d0b600f88adbda5fadb53f1126feb541913fd630dd67f44e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DqNikcpBnTq4gIpgwNXwxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 30 Jan 2022 21:47:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-DqNikcpBnTq4gIpgwNXwxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21784
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
clickonme.js
cdn.jsdelivr.net/gh/Arlina-Design/view@master/
828 B
849 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/Arlina-Design/view@master/clickonme.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7cf828a42f0727b31e76594e2ccbc4ff96963dbf366c5f11fcbade5218ba87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7029
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19183-FRA
timing-allow-origin
*
x-jsd-version-type
branch
server
cloudflare
etag
W/"33c-cw8noOA9IoPj6UknUpUlDkDwOlI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6d5de58cce815bf5-FRA
rum
www.jagoanssh.com/cdn-cgi/
0
168 B
XHR
General
Full URL
https://www.jagoanssh.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.jagoanssh.com/?do=dns
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.jagoanssh.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d5de58cda565b8c-FRA
vary
Origin
AGSKWxUIC0KNNnsuB_ct2aVEOviNlMegQMS8omdIh1mUts5H6gOsVWflH67MmU5sLr8M-TTTlxTfJpAjZRRWIv66dk0=
fundingchoicesmessages.google.com/el/
0
25 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUIC0KNNnsuB_ct2aVEOviNlMegQMS8omdIh1mUts5H6gOsVWflH67MmU5sLr8M-TTTlxTfJpAjZRRWIv66dk0=?pvid=2BA8A4E2-C4E3-4417-B76A-34FE6FD087AB&anonid=4CD1FD36-A5E0-4FBB-8041-240DA4064BF5
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LafblIpCQPU.es5.O/d=1/rs=AJlcJMxRtt97qCr8umF-oBux_5T1hJPIvA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HP/7C91PBJ3OiqIMAwLXKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-HP/7C91PBJ3OiqIMAwLXKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jagoanssh.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.jagoanssh.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-HP/7C91PBJ3OiqIMAwLXKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-HP/7C91PBJ3OiqIMAwLXKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW8Rusv7Wevka92fWpdaVVF_pR1F2jkxRd0_qO8XPIaennubNgJRVrWZSTtVAdK2Z-oI6b6l_FSeYpLeGYV0HE=
fundingchoicesmessages.google.com/f/
42 KB
16 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW8Rusv7Wevka92fWpdaVVF_pR1F2jkxRd0_qO8XPIaennubNgJRVrWZSTtVAdK2Z-oI6b6l_FSeYpLeGYV0HE=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNTc5MjI1LDE4NjAwMDAwMF0sIjJCQThBNEUyLUM0RTMtNDQxNy1CNzZBLTM0RkU2RkQwODdBQiIsIjRDRDFGRDM2LUE1RTAtNEZCQi04MDQxLTI0MERBNDA2NEJGNSIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLHRydWUsdHJ1ZV0sImh0dHBzOi8vd3d3LmphZ29hbnNzaC5jb20vIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LafblIpCQPU.es5.O/d=1/rs=AJlcJMxRtt97qCr8umF-oBux_5T1hJPIvA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f22f65bc2bc02fa5f8875914362ed1f17a464e7d1346fcbdea88d694c06158c7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B4Lz/ulJlJHiI4Gzi5GV0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-B4Lz/ulJlJHiI4Gzi5GV0Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B4Lz/ulJlJHiI4Gzi5GV0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-B4Lz/ulJlJHiI4Gzi5GV0Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
217 B
417 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.jagoanssh.com&callback=_gfp_s_&client=ca-pub-5543899617659266
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f17d4f9759d02cdcdba50495a874d33b5e9f15ab2decb05b9343d4d3357f9457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.jagoanssh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.jagoanssh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&tn=DIV&cls=cc-window%20cc-banner%20cc-type-info%20cc-theme-classic%20cc-bottom%20cc-color-override-688238583%20&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&tn=HEADER&id=header&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FB17
153 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&adk=1812271804&adf=3025194257&lmt=1643579225&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=780&idt=209&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3569225387515&frm=20&pv=2&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=487
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac34d7b2da7b6bb92d6a8cdd6a8708bc271fa7739947be98c9a7ceb55c424acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 Jan 2022 21:47:05 GMT
server
cafe
content-length
42668
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 Jan 2022 21:47:05 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 34F3
92 KB
29 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c55b098ddb1750a3a50709e64c3ff3adbd41597a1174b75f9dc0a6636227cac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 Jan 2022 21:47:05 GMT
server
cafe
content-length
30138
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 Jan 2022 21:47:05 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 325C
90 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c420977971d8a84ba0a82893c3eb118389dee67767141ac81cef22837dd51276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 Jan 2022 21:47:05 GMT
server
cafe
content-length
31405
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 Jan 2022 21:47:05 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 806F
28 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdb888f1c9732cddf69c51e3b98306455a2e2aba3cb279c6ad28e6cd9ead756c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 Jan 2022 21:47:05 GMT
server
cafe
content-length
10754
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 Jan 2022 21:47:05 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 28E7
89 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aeead43a5572e3543fa56e7cd441f9ac5360c435360d7b951042ef75dfaee72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 Jan 2022 21:47:05 GMT
server
cafe
content-length
31198
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 Jan 2022 21:47:05 GMT
cache-control
private
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jan 2022 21:47:05 GMT
result
www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/cv/
2 B
745 B
XHR
General
Full URL
https://www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/cv/result?req_id=6d5de5831ae99004
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.jagoanssh.com/?do=dns
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTa2Ffe%2FP8IVReuEmVq1GUB9lDAa58GsSIME%2B2bzWUuAfqETL9ibFkFTGnK66zMeZ%2B%2FN%2Be5%2FqBM6GGWDquNQ0R5S17th%2BSuDwGn0IQjPT2pJqbCGasyWMTFxfoIOGQMHgR3uSUjDNmb1RnIXdlmN4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
6d5de58ebd0c5b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
container.html
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 675B
6 KB
3 KB
Document
General
Full URL
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 21:47:05 GMT
expires
Mon, 30 Jan 2023 21:47:05 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D15C
6 KB
3 KB
Document
General
Full URL
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 21:47:05 GMT
expires
Mon, 30 Jan 2023 21:47:05 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gpt.js
securepubads.g.doubleclick.net/tag/js/
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
7339a6b01e1dacaab8094bf1b1fc3edb7beda9bf32124a95c54534444f3c0caf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27247
x-xss-protection
0
server
sffe
etag
"1118 / 773 of 1000 / last-modified: 1643411190"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Jan 2022 21:47:05 GMT
ads
securepubads.g.doubleclick.net/gampad/
51 KB
25 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2827458361515167&correlator=580329171149441&output=ldjh&impl=fifs&eid=31064561%2C21068767%2C31060890%2C31060032&vrg=2022012506&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=160553881%3A22641338472%2CJagoanssh%2CFlying_Carpet&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=pos%3DFlying_Carpet&cookie=ID%3D2bbd1114a43b817b-220e02212fcd00f2%3AT%3D1643579224%3AS%3DALNI_MZNsC6WK-rqtkF8R1W3_yj0KlI5lA&bc=31&abxe=1&dt=1643579225416&lmt=1643579225&dlt=1643579223933&idt=925&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=120&adks=2120413123&ucis=5&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H82WYOxjrHPJJG0xc6CqAK72j9pua1rgYGZs9bi-PkVVzelinh__mA9p72rPqJQNtxIGajr5o3sLcfphlYtULPAvA&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=true&fws=516&ohw=1600&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
4b94183936f0779be9ebb031e139280604f6ec14768e1660ee8b45eef5d111d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25597
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.jagoanssh.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 695F
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jan 2023 16:48:23 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 695F
355 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 20:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143285
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 20:54:16 GMT
AGSKWxWwNwsBlEWvQMTvv000jXkvyxIIrC9i0IvTubjn8KAeERlpzuYIfaWYVhte_qG-bsWYRlLOFCMrpgSTmO_Uf7sK8F6mXHdngEXobVCbv08DpRgibXKR95oC4sNtQthtfETv3jVaY8Z5I1TKsfcaUVseoWvsh3vVtD2-DYZO0hFM9NOZGnVHFkKTmGMK
fundingchoicesmessages.google.com/el/
0
25 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWwNwsBlEWvQMTvv000jXkvyxIIrC9i0IvTubjn8KAeERlpzuYIfaWYVhte_qG-bsWYRlLOFCMrpgSTmO_Uf7sK8F6mXHdngEXobVCbv08DpRgibXKR95oC4sNtQthtfETv3jVaY8Z5I1TKsfcaUVseoWvsh3vVtD2-DYZO0hFM9NOZGnVHFkKTmGMK
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.U5i-7wRlUpw.es5.O/d=1/rs=AJlcJMzgK0GEEODDR_a7BQEQLv7fnF5k2w/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VrueY+EJ9kwPPdyeTzszug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VrueY+EJ9kwPPdyeTzszug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jagoanssh.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.jagoanssh.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-VrueY+EJ9kwPPdyeTzszug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VrueY+EJ9kwPPdyeTzszug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWalu6JXuxPCryYsAmwMLCK6ey3Du5J5MRUcd5eGkhMUpCWmv6W3GjKcZLZPmd-2jwGUaneYqxRNJns4PFDrZE3N0M2sX84lMDs7SxfhxqZt4Ti5UPzRQlEj0k71igfx2seYwzwP03WbY8mhitesURgM-okwDqkp68A7mKQVY-Du6hrdqYceksx1fkx
fundingchoicesmessages.google.com/f/
61 KB
22 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWalu6JXuxPCryYsAmwMLCK6ey3Du5J5MRUcd5eGkhMUpCWmv6W3GjKcZLZPmd-2jwGUaneYqxRNJns4PFDrZE3N0M2sX84lMDs7SxfhxqZt4Ti5UPzRQlEj0k71igfx2seYwzwP03WbY8mhitesURgM-okwDqkp68A7mKQVY-Du6hrdqYceksx1fkx?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNTc5MjI1LDQzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDFdLCJodHRwczovL3d3dy5qYWdvYW5zc2guY29tLyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.U5i-7wRlUpw.es5.O/d=1/rs=AJlcJMzgK0GEEODDR_a7BQEQLv7fnF5k2w/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f34dce1876f1252e49d0879d89279114caaa052e95b35315f264b632b1fcd0b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z5bDSWzOoc6vdYNRtBQqtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-z5bDSWzOoc6vdYNRtBQqtw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-z5bDSWzOoc6vdYNRtBQqtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-z5bDSWzOoc6vdYNRtBQqtw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CAA5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 21:45:31 GMT
expires
Mon, 30 Jan 2023 21:45:31 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
94
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0AEC
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
416a4175b9e9a2cd86f7ce7276d53521204b552c560aef704ee612daf654ee5e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VBHutTymeTbpodbhZE9fAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 30 Jan 2022 21:47:05 GMT
date
Sun, 30 Jan 2022 21:47:05 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VBHutTymeTbpodbhZE9fAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 0AEC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012506&jk=2827458361515167&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame 423F
624 B
300 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 30 Jan 2022 21:47:05 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 Jan 2022 21:47:05 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 675B
25 KB
15 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Di874n8lNhfJ679K1jZEtbDM6gJ8fl9skZcb_FUMLW-27UVj6qcxXKs3Mjt3iodLJGUOXWrufVbsuPvP_JNiDodLaw-L9qNv3U_fVfnnfeb6Mo0Yji8g0UaSf0nSDZgDJOI_bwzeWsZtbVSX7Y8mypayvMLg&cry=1&dbm_d=AKAmf-A0Q9F3FJ3rK_vpauTBpi961ulXZlGAswKoaysLWCZWXB0ERP5xP3TkmGsf2RZddpUdbP-0zsxk3bdJyTx-ujH6dygu9dJCsNp59h6MRYKyYhS7_Muj4jNih1K8yjhynD3eBbDbOrDEWi6L8uhE1Rk6XT3ebJEtsuQ87jJXz-3P3uxCbPUeqMaMNQ1bZz_RGXu71BCEO08dl3CD93P180TBW5VcbQf3lbtSvXpkEp03K7iguGnbExlcexxO7hjhKZS1bHDTPeABUXZ5jFGfmcP1KoqaQevPQkf9Bx6deswdPZS-2l9JXGcW-1duM9oiMmELWlzKVj2nrbPsOnkPRWU972z6xSO3Jl5DHXB5y7kFL6fHoPmix7Pw3KEJRor2As-QeL-Z6JwUyVRn91qj8yoDcRBdvyeaOHRVUiQNSkJnmrxxfypB0KuoIs5gcrVRKvKdaB03uGNjdyO1ExUPCUfpxX6A2do2-E_ket5M6Xn65tJuhiCRzdUX_QEKI8GEoVs4B5Fr8tOL4kTbIHV5En7WsCT2MAl2JNN5T8R5-T4d8EPa1Tn-1F4K7tBvnC6U0yE5Z7zNTFg2JILewlPz1z5qSGW7zWv5RtsqIZiZePGiqE4WI4NWTucf5JIOh3-Cu6yiDrCFMqAy0UGE9cx2z0KMeGVr2jtLxpkLd3HN8T8hGLsaEnxxY9GBCW5KFLj4nHcB41ga1GuyrPt3MbqbeAxvfpKWctaKR-jBAWAtganEOo1P89lH_rzg_uX6vxqcagOyFL40Dr5nG492QEub4aXLdkBH3AwZfQ91Tc_7KJem9BWPD4hNZOeda-ja0IfdR5sLGyMgCoPC8YPHZJzxpD4MESAPtO6bGiGcOmSsjZ4AKmo5TXCXydRDREukMzHAw297TnY7jezDmGFLeH-7GlbF_I2br2-YGRF_qUNt7QFimF758KNJNB5sFHCOW4MS-R38uHc5KlesKd6r4NKIiuGdGTAyQuUSiyUX4EuQDLY57NIej0AcXb-kHyEKy_hHguxu-81atmtoxcNu8mZKhrQwxcoFL360Q9J1Z9VcWu9Q58bDZpy7dxnTFtsxxFs-uLPbNGeBxv-fQiBCPdWNtto8axMuNuD0POMFq3LJHvIFGn5FyL6xStsYSsUVK_AJGdfRnwRD0SAy70VCOeMeVkZqAnP4rsDK50VHgGTaVNOqEHEIhF6XqgTxhrRrj7q57hNaV9GhZUPoCdN6-LMvlucwQ4jZjRzXHOb4TrJPmwGD5TC6StqNU6m_SFH0BMpfAnHufzvsG-IEml8EeAHlNHAMwesNKg62IziOph4BVcbnUWsMjW_aDEwYZSr5DoO-dYmj7jAqX-quj_MsXLvzu2z2g4MEvcUtDArZIIouJCv--TeaAbBB07WadGKZ59S1aP41TUSfLpWC1enFwGJfed91wt4zArmvQr6dgH77tIjMnd2mehCXJMtloklYjYVUy8LCu870KbI5--ycDQgEz5UzYN6u4soSLIrAAEVB6YoTgeg6BqUiKNnNK2ccje7qvgrMOCd1fdpb8usiWV7Dl-W8ptffaCVeRqygFXMYO74oFpuY8h2CpdHz0NeLBnGfVQb8L3g0CYVXF2yvYj7BydatoIGIOuvrVqVS74wfOnXSixZDdQSv5xKuUKuEkMpkKb6x_ksJHUYgLzdTFn0uoxMg_WfyBZX_eRZhsCFJtNXJCpi-hykptrReFTWzDD9D0xMW4XfpkuKVtOklx3sYFVO-QIXzsxVnjBhfLUUi2r-cAQqJpc9ZMfqsDvxG7b2qU0T7VA9eYtzpH472jbcIMtnrh4yce5vmnEyr9z4lYA73mtdirpUUwA-KVzq-Hb3P119CrDRqeXLpJl0Q1mRs2XUIHta9xT1W8RpXIsR-O9bhBi49ybkXUzWFkdMGkO76WGnJBLv_pL6gzousSuT9cFbG6mNQhOaDwXexdIr0ZnQIdPxpKBKflSV3HPl2maTAO_cxTi0CNB85x1lEfnPEFqtx7ajP5s2obn8qAwMest2blplEtPMTpJjTRgZmPzcYjoSeOAvUHW75QykLkEnhvDdEEk5w3flO9Ohs6OKFD9NbvKWE62WiDhkVgzZPyOpD9ztCPZ_TSRPXujHXREgSNseyrb6iQgxa0f9VditlfYqhuM0_R-110IQTmMBCiV9qFS4cY4VZDiFx_iCr0kwebzr0Wzqraej6xaI3BZDEvf6WkE3I0TggIpqWHZtwUCEBbaRoLsPfkq2uvoRQ_QZ4swDjetTm5PQwTwnhZePn2FXKY5pnDy3CYBZnVWAviUzXaW23EJXcNy4QMBx53MOMkSqJr-wXBNdcQkLwpyAiumWi_g31MZt4faOaMhSXEjVwIZoYf_ceEXosiI_NWlAKR-GH-S1seabxBTdL5nWWDJu0Su6tFvo0qLcQcShRCm7kQbBNqAWZ3ymYkQ3ZOqGrZnvAzQ66MMV2gwVYlOapsLtIPl2KRi4RwB7Fwp9CHqTdbLdcRRLeaw30PwKFphcyPVb344Ws0Xt6J3clbWwbb8WcD-5WxVYH6EEVCVn4bBvhZ-3rIedzc7PpcK9B5Ddnj5bjY0dZ9fL0tW2iFLJJH7GwG7uWfZ4HwdoUrQOcnoeGAAzt9WIwDPiKRxfD5Hq9t-MN8DF9WYPxiZlvc1AG5797LcBjwa7IpnmZbsis7rZNACh0WlBxVwBKsmBA3UPJkxbUBXTKvHYZURwKlgkC_EefZtdtqkNuwHEshUHGkUDCwvKRk2hajFEmeIbGXfmne-953RFkQp_HM_4StjnPHTIVwrJFHKhN3o8rUXEHt0qY_n9zrGHCrtBaOOB528rjxEYNUa2I_-KiYbM6RjNE2g0B1VWKvKveuThKqtEZByffMKb6vukRePvP2TqcV9L8n0sAV5ZBxPMo-uLemAO8x_PGoQpIOn6YJQFRjGexj4jpDevvARf2E0tp_k7uQQRna1Mw2howp6Dk-3pthmQav0vxOyWKBJs-UodWSSaO3M0BXK-YKUwB2K8k9-qzo-RMj7lfHBrwORo-gsPKctnJ3baCTpM8d_yBM4Q3VbiFdCEzrjj_3G_8Nc6iGaIFPQtdquxnA7huiGoXMnFsDsMLoylekv5nnW6pmbLof20mFZhZ6HE5q3nP2cagxxcWAFM37-NK9ZkENMmB4dxUj1AzRAK2kXkD3FaCBUldebWZta7LmrvULe4ohIxC09lAbnPxD6HvvYQF2sOzdIiRDUYVSzF1qMugDggWPdOr6LINMNt7PWf4iy-7&cid=CAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ&rfl=1%2Chttps%253A%252F%252Fwww.jagoanssh.com%252F%240
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d80fa44808b9011edded6804b3450868a7cb22add2cb7980c09e5bc903caf60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15414
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 675B
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxlTRyf_ojLgQGVwMBvvI2tV9sO5_jQqMQal9nLwPPMwI9JyqZVxvdYHO-zWUhKTUuvIohtQEWtlxMsjHQvaXZZuDd6JMyJhlPNsRiPZv9N04gOBA
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 675B
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 675B
123 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jan 2022 21:47:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 675B
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:44:05 GMT
l
www.google.com/ads/measurement/ Frame 675B
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXca6BVOgPe-tYzBjsCChpHWoGju6YEHUjeNxMly_QmjYRaBd4eTna5Byyp4soMV1fo5YsmLQqGmyO9x6Lff5TkjO2Rg
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame DEEE
624 B
300 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 30 Jan 2022 21:47:05 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 Jan 2022 21:47:05 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D15C
72 KB
30 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRQlTBL_nRkeekKDAR4k09Mz4R8Of2XAsG-xMhr2KxxF7JBYvwGCkn4VXHiNJdix8YbmnEkzgebWhG1mTbqcJtrTXZQT_quYJ4EfuvIs8ExQQ8lT_5FoNZFtqoar6tqo3wGvNfhkd9hwl4JoWHiAaw443sSQ&dbm_d=AKAmf-AR66pPfiZeyT5FWO5HMePeTnT2QHEMQspma3QC-lnvEJ0N2-POnOVBMr0rHzwHTAnVSVPTE-_HMcqQJawiQqFFX9N23g5IeyUqIhvjCF_LD5DkIqZI7-nvwPYaEE3dBHHZwIv8ZD-tX6BNl8pN8YhVwEW0suz8E-ibS5Zr-7F7BkAAOIyu7cVtxOFQLaQ_zBMEGOzYuvOECwIwwW70odJyzLwIrbPaL_PWIvgCWAV4R4w83-v5vE3d1JSETyFjhMeZn6sRVclEFjhVOUas9lls4Ka0sIaHnNFfJczVgQaLH1HdQQ_dZ_c3ZhPQ7Ysyo0r1p3nTWMrkU5vDMEB-HSWW0WXKTL_-GawhDgFCIJFj_5VkMnmol-BzNSM5eeJvQHqeP2cTxN4UZMRGMXb4yCILNNM03vTawQvxhJ-W2EHn16XZaFjMsCsTPd2Ju2jJnCwOMjeeCPgRiCWyENeDxO8NkyNll2sKnqeriWH0D-H6LnOUYCwxsUTYl8MC_5NpjyXuhh1GZqpMFTsowlrmC3K4paVbp1N5mJN1XqlTWtwMWSIB-YiryK_lJ6YTYJBN3QcuE0wOWDQLTSGwmH_ox5_XrFeUNvKgzQc4yZxAoMu27jWM4qi4ie-TLi5rcgNFtIEhDsNi6TnpkUNgvs-KZtmI3fFzbxQmFV1wrHMunwEbbTmZ3RgmQtFYV_y2vr4Wdu_-4UysDdBVS5d1G529JrW5oaDfEFOyNFWUSaPki9XEwdfAqMQW58IMYtXFpozkHC3m9T3WiRR_nuhaIpUTwKtfTrvEKRlCzxPNZ74sRLKpL-r0ONMwOS2v3Ko5KY5cmiIDIp35XYOsJp036Q4zl0AuME_NgpMicCC9u1X6MJkHsXJXS4dkOmoz0TUJrVTj5tLvWUBOwblvljhbp_csoDfZ5yIU9_RiPle0Hd-cQd5gYV_oCTQ7ZlnZOK6uI2meDeWYCOQ-YiTq2CRn7aG6w63GgER-nVCth9M4Or7HYwbMcNxRPTlXxb-X7-GjUQjDNLFcydz5wZM8hnBJqBaujgpTYyyaRzA54spg87OofLvQfaukW2mBS43aoafoJr9O0CTDF_CbvaNDsNVpXA-MDAcge2DgS9qZ8QfeYSa1I_7WEcvzMx9bCCTxeWObC__cEtfzmIGg5ZLBwPXs9lyYAwdKd7RaNQtiENkxjl7d8Q1-aSPoG4Ceu1_hG9ko_wQe2dVsfzrexNNI86WfBORbxBdN5rnnPZM2SY7PuRues3OUUj3YKiz1tgZYCRpgkv66W4IxCr4Qo2a5xU6lkxdrKtmbftwyvwpqCDVStXXDeUBWMJXXhHAof1nWpYWQxrsPfph_2mjIYnr2oa66ToaHsok94H251q4iBjjcDO-RH_-Pcbl-XEqf_CLO9XgPkj_Kzhq4AVYR59gf501JCM9rj3W9-tHYqLp4iBu97sqG5CF1tlvLz7Mcz9xqhyZQSJGX2M-Cbyvv2ZEC4B59jDwuV10nWBTrarsA0VUvLncfTKy5i16BMA3xSwe1ogi7R3EXdATQSMJMpUud9mQRy-w-rlNgivGtNd2dyW0dCjHs8O-fJQ0I5ovu9M9XcaZFVogsK4Hf4_aipjwk-hPJY8-uJo1s82mpcm-udOAw_abaMsW-2MmwCPtAV5YoA70t46duxRKqhqG38zF0mshPlTZJpNernfA-c_zLXAxlnBIg3zLBb-qyK9Gel9euZQ68CdE3M2aKRVKZmVLo1rW0_hQuPkObMUlEb1FQmpg4BJAfCSj_ij4R9KpEkkvpMVWdV4azzb702XtJDm9N4yhduK4WgP-KHaGdPNgSTzfc8s3oSFfeuJpa5xu8-_0xBS3Q_2iBV4Lq7ZaQMDXN__THHUsDXwmIYywvFIAT5bFgW8kv4wUiygYCIlWFB-N-9GJTIlg-vhDn50IfjnUf1bsbbB9eHsL8PtUn92slcImDTwdDmKqzqRwNa1bTsTDp2Rw3QYZTLNNt_u2n6OHMgJeDvy9AKh6_LcgbnZU3ITXyrBQs2C4RHO5fDRt3OKa-y1ebYSYJhOAtWTx4vaDiimuYT0sXoCUZ4r97wDgMsqRCguC4DT-AHIWjzNi8_edQjWwfmmWZdYW5fuNs7EJq5jyVZJtdcQ86SuWtO5h-RMjqd1Tzs4_YLA5pMsqCWZXdpMsnm_fV54CmXa7IAApU-wGz_BP3_IC94zhe96eRjm6hDdDscEkZ3GyyTjLZX3NWauvgFUyDQqwzmwhNe3zdaCeUlGleeQhI4zayzS4sPlW_S1t4t6DgEheAiBiXl6OMwh97Zs1qBRlhNeS1aybyw6seS9GOPYYbFja0resuBN3yM-_fWRMAw6j0vZBcq1FLpbc_3Zza03NMGAYWVpxkB_P_waQBlyYDAN_gHpoMBfMBgWcvXBbpCw7DYw09Y6m3CjbAct6RanyQVGMHYHPJvY29m0TdzGIMFtQ0L3kYqSUzzh2tsIBdc11snkCoDazJU4ZGYRgAQxxM8Guo-MaJzLNNvvtmzOfus9uPrMLu_aAyOBknSFgVjzyiIZX4f_WcqN0Z4FWu4P9dgWX2kqOw8r32itAXpuXTl9SKvNxvoBaTtPsslugkyCZkeqpmeQ9sK78qLOktzvZEgYz1CDnDjddAYjRoTVoKGDHut7b1uUGz_LFn4v5z0k7U6mtuWHWprkvDrZY59o2i6pZza7KX6t9liOEiOxTb8iQp4xR7xZmDjBrlsJoorhm05uvJNrFCYQlVNGUDWtAJ8sC0JKMPCVdPJ80lUw_edcIYXCXSYoa64xTZK1-oWJsWo0xqOPE0XEcOWjtbJaEpyAnPZrIw6sXyBz92e1jtMQ6nn2rxvn8UnKSuL9alP9GYwKkZtqT4w2kCYfXW9EaRP7C_7SFL9kX2X35NYDSXXhK8WXtFEIy3BxN3ddgS45N1iURAnDezYhogBkQ15Op-sfMCfbiXxGKfeE3-EtsHpDJIFrKwRxS7BzAlqKhfpwC4EIaeLgmBg-v8x5iioLS0ax5Efg-Jkv06MzxhkmxdpgyBr9rcGxbbveNi8Q7XWTohWugN4uvEr1wpRSOVfjhdLEvzYC45nuzzP19smJtFVgO_-j5MyC9m-Y40dWstiOQrEtqQkseqVddVRkQ5ftrXka9y2K7CmCc8_0Hm7ESrhmCEMkk81XdTKeAzMowZaonmTAMTI1cevZsvRKUR9zNnk85mgBgdZtcBFXp-tIBrLL-k3e8f9uNifbkLYv_6GS95-i8GbtPoSWOJIHmOq_fVWJr1l5PeGO2UJUDv9VrDGq0gpk7evLEW-5GUih_aOyCPCW_jBWvbN0hW0xxEKk5zRb1z&cid=CAASFeRoOcrRco18CQcp8PoC6puTR0vXTQ&rfl=1%2Chttps%253A%252F%252Fwww.jagoanssh.com%252F%240
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c8dfc5e67b17f50316f8c627d2011d95a83b834c53681e9be10dd665424fd05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30895
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D15C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DitiqIW3K2VF4bE8G7dEL9LE9a33KRxziE3xZ_HFNrQPFGrwCGTd4_04rD7gAyAe8jVyeMfOAWMDkb9DwDkYm-eWBHAjkVTTZYEOddAGqRBoSTDbk
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame D15C
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D15C
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jan 2022 21:47:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame D15C
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:44:05 GMT
l
www.google.com/ads/measurement/ Frame D15C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4Vq4HDMIrIBsuy7HJOhfSOvcxMFjils8bKFzqgjoFLKwLNAV5TYufi2iib_GWNN4zk8Y1WCQHqeC61G9aRmLdcpTVbw
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame CAA5
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 20:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
263502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 20:35:23 GMT
rum
dsum-sec.casalemedia.com/ Frame 423F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 Jan 2022 21:47:05 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 423F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfcHWTFfNurtjbe-4o1kHAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 Jan 2022 21:47:05 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 423F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOz7cA0YkVpxBDpor-NXKQg&google_cver=1
43 B
1008 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOz7cA0YkVpxBDpor-NXKQg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4
Protocol
HTTP/1.1
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:05 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2d23d64f-1753-4d2c-bb9e-6cadd42cac17
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOz7cA0YkVpxBDpor-NXKQg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 423F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MjY1NTYxNjc1MjgyNjY3Ng%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MjY1NTYxNjc1MjgyNjY3Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXXITV8vvhk8405ac8svTpysmwdybZ6r3XlkrugUaj5WaHHJbdJT2kvYb8OvzPAgWqC58t6bEqj4dVf-1_BAGX347tKOp8ZgtxhpBVPwAk0qElp-yjaEam2XDADqM0uY7CkAKP0KVjPtK7c-Mr6ifoA9Sl719lJOnQXYF835kCKsZfvpw4
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:05 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4f353af2-9eb8-4a8d-be48-926759db0977
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MjY1NTYxNjc1MjgyNjY3Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DEEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 Jan 2022 21:47:05 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOC80ReDECrWrJ_i03z98dM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DEEE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfcHWTFfNurtjbe-4o1kHAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 Jan 2022 21:47:05 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB-Ln0m9NpVD1dTcAdoImP4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DEEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIGxb-mFVUizFuy0IJ9U698&google_cver=1
43 B
1008 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIGxb-mFVUizFuy0IJ9U698&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI
Protocol
HTTP/1.1
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:05 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f85494cd-90e9-4d3c-8564-9082b68108cb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIGxb-mFVUizFuy0IJ9U698&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DEEE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTI1MTIyMjMwMTEyOTgwMA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTI1MTIyMjMwMTEyOTgwMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNUpsl3urwlTrtMVhfeolg2redl1PkYgDRCRFep3H8Kpi7SPgtFQ0fm4dtO_PU7TgzVWOjImpzLskES5iqJqTFaguHaUUILCb74cA7vSNtfs-OvdisXeGhoVEjA3z1WoBXSLfgnsx6GPQXKvpUEhMaeuEXTOOgxDsa82mqJDYDVES8k3FjI
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:05 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
36f0e808-c667-454d-b91b-f75734411d65
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTI1MTIyMjMwMTEyOTgwMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 695F
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 695F
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 695F
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:59:48 GMT
x-content-type-options
nosniff
age
442037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 01 Feb 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 695F
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options
nosniff
age
469740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 11:18:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 675B
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Di874n8lNhfJ679K1jZEtbDM6gJ8fl9skZcb_FUMLW-27UVj6qcxXKs3Mjt3iodLJGUOXWrufVbsuPvP_JNiDodLaw-L9qNv3U_fVfnnfeb6Mo0Yji8g0UaSf0nSDZgDJOI_bwzeWsZtbVSX7Y8mypayvMLg&cry=1&dbm_d=AKAmf-A0Q9F3FJ3rK_vpauTBpi961ulXZlGAswKoaysLWCZWXB0ERP5xP3TkmGsf2RZddpUdbP-0zsxk3bdJyTx-ujH6dygu9dJCsNp59h6MRYKyYhS7_Muj4jNih1K8yjhynD3eBbDbOrDEWi6L8uhE1Rk6XT3ebJEtsuQ87jJXz-3P3uxCbPUeqMaMNQ1bZz_RGXu71BCEO08dl3CD93P180TBW5VcbQf3lbtSvXpkEp03K7iguGnbExlcexxO7hjhKZS1bHDTPeABUXZ5jFGfmcP1KoqaQevPQkf9Bx6deswdPZS-2l9JXGcW-1duM9oiMmELWlzKVj2nrbPsOnkPRWU972z6xSO3Jl5DHXB5y7kFL6fHoPmix7Pw3KEJRor2As-QeL-Z6JwUyVRn91qj8yoDcRBdvyeaOHRVUiQNSkJnmrxxfypB0KuoIs5gcrVRKvKdaB03uGNjdyO1ExUPCUfpxX6A2do2-E_ket5M6Xn65tJuhiCRzdUX_QEKI8GEoVs4B5Fr8tOL4kTbIHV5En7WsCT2MAl2JNN5T8R5-T4d8EPa1Tn-1F4K7tBvnC6U0yE5Z7zNTFg2JILewlPz1z5qSGW7zWv5RtsqIZiZePGiqE4WI4NWTucf5JIOh3-Cu6yiDrCFMqAy0UGE9cx2z0KMeGVr2jtLxpkLd3HN8T8hGLsaEnxxY9GBCW5KFLj4nHcB41ga1GuyrPt3MbqbeAxvfpKWctaKR-jBAWAtganEOo1P89lH_rzg_uX6vxqcagOyFL40Dr5nG492QEub4aXLdkBH3AwZfQ91Tc_7KJem9BWPD4hNZOeda-ja0IfdR5sLGyMgCoPC8YPHZJzxpD4MESAPtO6bGiGcOmSsjZ4AKmo5TXCXydRDREukMzHAw297TnY7jezDmGFLeH-7GlbF_I2br2-YGRF_qUNt7QFimF758KNJNB5sFHCOW4MS-R38uHc5KlesKd6r4NKIiuGdGTAyQuUSiyUX4EuQDLY57NIej0AcXb-kHyEKy_hHguxu-81atmtoxcNu8mZKhrQwxcoFL360Q9J1Z9VcWu9Q58bDZpy7dxnTFtsxxFs-uLPbNGeBxv-fQiBCPdWNtto8axMuNuD0POMFq3LJHvIFGn5FyL6xStsYSsUVK_AJGdfRnwRD0SAy70VCOeMeVkZqAnP4rsDK50VHgGTaVNOqEHEIhF6XqgTxhrRrj7q57hNaV9GhZUPoCdN6-LMvlucwQ4jZjRzXHOb4TrJPmwGD5TC6StqNU6m_SFH0BMpfAnHufzvsG-IEml8EeAHlNHAMwesNKg62IziOph4BVcbnUWsMjW_aDEwYZSr5DoO-dYmj7jAqX-quj_MsXLvzu2z2g4MEvcUtDArZIIouJCv--TeaAbBB07WadGKZ59S1aP41TUSfLpWC1enFwGJfed91wt4zArmvQr6dgH77tIjMnd2mehCXJMtloklYjYVUy8LCu870KbI5--ycDQgEz5UzYN6u4soSLIrAAEVB6YoTgeg6BqUiKNnNK2ccje7qvgrMOCd1fdpb8usiWV7Dl-W8ptffaCVeRqygFXMYO74oFpuY8h2CpdHz0NeLBnGfVQb8L3g0CYVXF2yvYj7BydatoIGIOuvrVqVS74wfOnXSixZDdQSv5xKuUKuEkMpkKb6x_ksJHUYgLzdTFn0uoxMg_WfyBZX_eRZhsCFJtNXJCpi-hykptrReFTWzDD9D0xMW4XfpkuKVtOklx3sYFVO-QIXzsxVnjBhfLUUi2r-cAQqJpc9ZMfqsDvxG7b2qU0T7VA9eYtzpH472jbcIMtnrh4yce5vmnEyr9z4lYA73mtdirpUUwA-KVzq-Hb3P119CrDRqeXLpJl0Q1mRs2XUIHta9xT1W8RpXIsR-O9bhBi49ybkXUzWFkdMGkO76WGnJBLv_pL6gzousSuT9cFbG6mNQhOaDwXexdIr0ZnQIdPxpKBKflSV3HPl2maTAO_cxTi0CNB85x1lEfnPEFqtx7ajP5s2obn8qAwMest2blplEtPMTpJjTRgZmPzcYjoSeOAvUHW75QykLkEnhvDdEEk5w3flO9Ohs6OKFD9NbvKWE62WiDhkVgzZPyOpD9ztCPZ_TSRPXujHXREgSNseyrb6iQgxa0f9VditlfYqhuM0_R-110IQTmMBCiV9qFS4cY4VZDiFx_iCr0kwebzr0Wzqraej6xaI3BZDEvf6WkE3I0TggIpqWHZtwUCEBbaRoLsPfkq2uvoRQ_QZ4swDjetTm5PQwTwnhZePn2FXKY5pnDy3CYBZnVWAviUzXaW23EJXcNy4QMBx53MOMkSqJr-wXBNdcQkLwpyAiumWi_g31MZt4faOaMhSXEjVwIZoYf_ceEXosiI_NWlAKR-GH-S1seabxBTdL5nWWDJu0Su6tFvo0qLcQcShRCm7kQbBNqAWZ3ymYkQ3ZOqGrZnvAzQ66MMV2gwVYlOapsLtIPl2KRi4RwB7Fwp9CHqTdbLdcRRLeaw30PwKFphcyPVb344Ws0Xt6J3clbWwbb8WcD-5WxVYH6EEVCVn4bBvhZ-3rIedzc7PpcK9B5Ddnj5bjY0dZ9fL0tW2iFLJJH7GwG7uWfZ4HwdoUrQOcnoeGAAzt9WIwDPiKRxfD5Hq9t-MN8DF9WYPxiZlvc1AG5797LcBjwa7IpnmZbsis7rZNACh0WlBxVwBKsmBA3UPJkxbUBXTKvHYZURwKlgkC_EefZtdtqkNuwHEshUHGkUDCwvKRk2hajFEmeIbGXfmne-953RFkQp_HM_4StjnPHTIVwrJFHKhN3o8rUXEHt0qY_n9zrGHCrtBaOOB528rjxEYNUa2I_-KiYbM6RjNE2g0B1VWKvKveuThKqtEZByffMKb6vukRePvP2TqcV9L8n0sAV5ZBxPMo-uLemAO8x_PGoQpIOn6YJQFRjGexj4jpDevvARf2E0tp_k7uQQRna1Mw2howp6Dk-3pthmQav0vxOyWKBJs-UodWSSaO3M0BXK-YKUwB2K8k9-qzo-RMj7lfHBrwORo-gsPKctnJ3baCTpM8d_yBM4Q3VbiFdCEzrjj_3G_8Nc6iGaIFPQtdquxnA7huiGoXMnFsDsMLoylekv5nnW6pmbLof20mFZhZ6HE5q3nP2cagxxcWAFM37-NK9ZkENMmB4dxUj1AzRAK2kXkD3FaCBUldebWZta7LmrvULe4ohIxC09lAbnPxD6HvvYQF2sOzdIiRDUYVSzF1qMugDggWPdOr6LINMNt7PWf4iy-7&cid=CAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ&rfl=1%2Chttps%253A%252F%252Fwww.jagoanssh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
401
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:40:24 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 675B
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Di874n8lNhfJ679K1jZEtbDM6gJ8fl9skZcb_FUMLW-27UVj6qcxXKs3Mjt3iodLJGUOXWrufVbsuPvP_JNiDodLaw-L9qNv3U_fVfnnfeb6Mo0Yji8g0UaSf0nSDZgDJOI_bwzeWsZtbVSX7Y8mypayvMLg&cry=1&dbm_d=AKAmf-A0Q9F3FJ3rK_vpauTBpi961ulXZlGAswKoaysLWCZWXB0ERP5xP3TkmGsf2RZddpUdbP-0zsxk3bdJyTx-ujH6dygu9dJCsNp59h6MRYKyYhS7_Muj4jNih1K8yjhynD3eBbDbOrDEWi6L8uhE1Rk6XT3ebJEtsuQ87jJXz-3P3uxCbPUeqMaMNQ1bZz_RGXu71BCEO08dl3CD93P180TBW5VcbQf3lbtSvXpkEp03K7iguGnbExlcexxO7hjhKZS1bHDTPeABUXZ5jFGfmcP1KoqaQevPQkf9Bx6deswdPZS-2l9JXGcW-1duM9oiMmELWlzKVj2nrbPsOnkPRWU972z6xSO3Jl5DHXB5y7kFL6fHoPmix7Pw3KEJRor2As-QeL-Z6JwUyVRn91qj8yoDcRBdvyeaOHRVUiQNSkJnmrxxfypB0KuoIs5gcrVRKvKdaB03uGNjdyO1ExUPCUfpxX6A2do2-E_ket5M6Xn65tJuhiCRzdUX_QEKI8GEoVs4B5Fr8tOL4kTbIHV5En7WsCT2MAl2JNN5T8R5-T4d8EPa1Tn-1F4K7tBvnC6U0yE5Z7zNTFg2JILewlPz1z5qSGW7zWv5RtsqIZiZePGiqE4WI4NWTucf5JIOh3-Cu6yiDrCFMqAy0UGE9cx2z0KMeGVr2jtLxpkLd3HN8T8hGLsaEnxxY9GBCW5KFLj4nHcB41ga1GuyrPt3MbqbeAxvfpKWctaKR-jBAWAtganEOo1P89lH_rzg_uX6vxqcagOyFL40Dr5nG492QEub4aXLdkBH3AwZfQ91Tc_7KJem9BWPD4hNZOeda-ja0IfdR5sLGyMgCoPC8YPHZJzxpD4MESAPtO6bGiGcOmSsjZ4AKmo5TXCXydRDREukMzHAw297TnY7jezDmGFLeH-7GlbF_I2br2-YGRF_qUNt7QFimF758KNJNB5sFHCOW4MS-R38uHc5KlesKd6r4NKIiuGdGTAyQuUSiyUX4EuQDLY57NIej0AcXb-kHyEKy_hHguxu-81atmtoxcNu8mZKhrQwxcoFL360Q9J1Z9VcWu9Q58bDZpy7dxnTFtsxxFs-uLPbNGeBxv-fQiBCPdWNtto8axMuNuD0POMFq3LJHvIFGn5FyL6xStsYSsUVK_AJGdfRnwRD0SAy70VCOeMeVkZqAnP4rsDK50VHgGTaVNOqEHEIhF6XqgTxhrRrj7q57hNaV9GhZUPoCdN6-LMvlucwQ4jZjRzXHOb4TrJPmwGD5TC6StqNU6m_SFH0BMpfAnHufzvsG-IEml8EeAHlNHAMwesNKg62IziOph4BVcbnUWsMjW_aDEwYZSr5DoO-dYmj7jAqX-quj_MsXLvzu2z2g4MEvcUtDArZIIouJCv--TeaAbBB07WadGKZ59S1aP41TUSfLpWC1enFwGJfed91wt4zArmvQr6dgH77tIjMnd2mehCXJMtloklYjYVUy8LCu870KbI5--ycDQgEz5UzYN6u4soSLIrAAEVB6YoTgeg6BqUiKNnNK2ccje7qvgrMOCd1fdpb8usiWV7Dl-W8ptffaCVeRqygFXMYO74oFpuY8h2CpdHz0NeLBnGfVQb8L3g0CYVXF2yvYj7BydatoIGIOuvrVqVS74wfOnXSixZDdQSv5xKuUKuEkMpkKb6x_ksJHUYgLzdTFn0uoxMg_WfyBZX_eRZhsCFJtNXJCpi-hykptrReFTWzDD9D0xMW4XfpkuKVtOklx3sYFVO-QIXzsxVnjBhfLUUi2r-cAQqJpc9ZMfqsDvxG7b2qU0T7VA9eYtzpH472jbcIMtnrh4yce5vmnEyr9z4lYA73mtdirpUUwA-KVzq-Hb3P119CrDRqeXLpJl0Q1mRs2XUIHta9xT1W8RpXIsR-O9bhBi49ybkXUzWFkdMGkO76WGnJBLv_pL6gzousSuT9cFbG6mNQhOaDwXexdIr0ZnQIdPxpKBKflSV3HPl2maTAO_cxTi0CNB85x1lEfnPEFqtx7ajP5s2obn8qAwMest2blplEtPMTpJjTRgZmPzcYjoSeOAvUHW75QykLkEnhvDdEEk5w3flO9Ohs6OKFD9NbvKWE62WiDhkVgzZPyOpD9ztCPZ_TSRPXujHXREgSNseyrb6iQgxa0f9VditlfYqhuM0_R-110IQTmMBCiV9qFS4cY4VZDiFx_iCr0kwebzr0Wzqraej6xaI3BZDEvf6WkE3I0TggIpqWHZtwUCEBbaRoLsPfkq2uvoRQ_QZ4swDjetTm5PQwTwnhZePn2FXKY5pnDy3CYBZnVWAviUzXaW23EJXcNy4QMBx53MOMkSqJr-wXBNdcQkLwpyAiumWi_g31MZt4faOaMhSXEjVwIZoYf_ceEXosiI_NWlAKR-GH-S1seabxBTdL5nWWDJu0Su6tFvo0qLcQcShRCm7kQbBNqAWZ3ymYkQ3ZOqGrZnvAzQ66MMV2gwVYlOapsLtIPl2KRi4RwB7Fwp9CHqTdbLdcRRLeaw30PwKFphcyPVb344Ws0Xt6J3clbWwbb8WcD-5WxVYH6EEVCVn4bBvhZ-3rIedzc7PpcK9B5Ddnj5bjY0dZ9fL0tW2iFLJJH7GwG7uWfZ4HwdoUrQOcnoeGAAzt9WIwDPiKRxfD5Hq9t-MN8DF9WYPxiZlvc1AG5797LcBjwa7IpnmZbsis7rZNACh0WlBxVwBKsmBA3UPJkxbUBXTKvHYZURwKlgkC_EefZtdtqkNuwHEshUHGkUDCwvKRk2hajFEmeIbGXfmne-953RFkQp_HM_4StjnPHTIVwrJFHKhN3o8rUXEHt0qY_n9zrGHCrtBaOOB528rjxEYNUa2I_-KiYbM6RjNE2g0B1VWKvKveuThKqtEZByffMKb6vukRePvP2TqcV9L8n0sAV5ZBxPMo-uLemAO8x_PGoQpIOn6YJQFRjGexj4jpDevvARf2E0tp_k7uQQRna1Mw2howp6Dk-3pthmQav0vxOyWKBJs-UodWSSaO3M0BXK-YKUwB2K8k9-qzo-RMj7lfHBrwORo-gsPKctnJ3baCTpM8d_yBM4Q3VbiFdCEzrjj_3G_8Nc6iGaIFPQtdquxnA7huiGoXMnFsDsMLoylekv5nnW6pmbLof20mFZhZ6HE5q3nP2cagxxcWAFM37-NK9ZkENMmB4dxUj1AzRAK2kXkD3FaCBUldebWZta7LmrvULe4ohIxC09lAbnPxD6HvvYQF2sOzdIiRDUYVSzF1qMugDggWPdOr6LINMNt7PWf4iy-7&cid=CAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ&rfl=1%2Chttps%253A%252F%252Fwww.jagoanssh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Jan 2023 21:45:19 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 695F
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT&co=aHR0cHM6Ly93d3cuamFnb2Fuc3NoLmNvbTo0NDM.&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=normal&cb=f8up7o7o08hq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 30 Jan 2022 21:47:05 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame D15C
106 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
Origin
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 11:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38133
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 31 Jan 2022 11:11:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame D15C
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRQlTBL_nRkeekKDAR4k09Mz4R8Of2XAsG-xMhr2KxxF7JBYvwGCkn4VXHiNJdix8YbmnEkzgebWhG1mTbqcJtrTXZQT_quYJ4EfuvIs8ExQQ8lT_5FoNZFtqoar6tqo3wGvNfhkd9hwl4JoWHiAaw443sSQ&dbm_d=AKAmf-AR66pPfiZeyT5FWO5HMePeTnT2QHEMQspma3QC-lnvEJ0N2-POnOVBMr0rHzwHTAnVSVPTE-_HMcqQJawiQqFFX9N23g5IeyUqIhvjCF_LD5DkIqZI7-nvwPYaEE3dBHHZwIv8ZD-tX6BNl8pN8YhVwEW0suz8E-ibS5Zr-7F7BkAAOIyu7cVtxOFQLaQ_zBMEGOzYuvOECwIwwW70odJyzLwIrbPaL_PWIvgCWAV4R4w83-v5vE3d1JSETyFjhMeZn6sRVclEFjhVOUas9lls4Ka0sIaHnNFfJczVgQaLH1HdQQ_dZ_c3ZhPQ7Ysyo0r1p3nTWMrkU5vDMEB-HSWW0WXKTL_-GawhDgFCIJFj_5VkMnmol-BzNSM5eeJvQHqeP2cTxN4UZMRGMXb4yCILNNM03vTawQvxhJ-W2EHn16XZaFjMsCsTPd2Ju2jJnCwOMjeeCPgRiCWyENeDxO8NkyNll2sKnqeriWH0D-H6LnOUYCwxsUTYl8MC_5NpjyXuhh1GZqpMFTsowlrmC3K4paVbp1N5mJN1XqlTWtwMWSIB-YiryK_lJ6YTYJBN3QcuE0wOWDQLTSGwmH_ox5_XrFeUNvKgzQc4yZxAoMu27jWM4qi4ie-TLi5rcgNFtIEhDsNi6TnpkUNgvs-KZtmI3fFzbxQmFV1wrHMunwEbbTmZ3RgmQtFYV_y2vr4Wdu_-4UysDdBVS5d1G529JrW5oaDfEFOyNFWUSaPki9XEwdfAqMQW58IMYtXFpozkHC3m9T3WiRR_nuhaIpUTwKtfTrvEKRlCzxPNZ74sRLKpL-r0ONMwOS2v3Ko5KY5cmiIDIp35XYOsJp036Q4zl0AuME_NgpMicCC9u1X6MJkHsXJXS4dkOmoz0TUJrVTj5tLvWUBOwblvljhbp_csoDfZ5yIU9_RiPle0Hd-cQd5gYV_oCTQ7ZlnZOK6uI2meDeWYCOQ-YiTq2CRn7aG6w63GgER-nVCth9M4Or7HYwbMcNxRPTlXxb-X7-GjUQjDNLFcydz5wZM8hnBJqBaujgpTYyyaRzA54spg87OofLvQfaukW2mBS43aoafoJr9O0CTDF_CbvaNDsNVpXA-MDAcge2DgS9qZ8QfeYSa1I_7WEcvzMx9bCCTxeWObC__cEtfzmIGg5ZLBwPXs9lyYAwdKd7RaNQtiENkxjl7d8Q1-aSPoG4Ceu1_hG9ko_wQe2dVsfzrexNNI86WfBORbxBdN5rnnPZM2SY7PuRues3OUUj3YKiz1tgZYCRpgkv66W4IxCr4Qo2a5xU6lkxdrKtmbftwyvwpqCDVStXXDeUBWMJXXhHAof1nWpYWQxrsPfph_2mjIYnr2oa66ToaHsok94H251q4iBjjcDO-RH_-Pcbl-XEqf_CLO9XgPkj_Kzhq4AVYR59gf501JCM9rj3W9-tHYqLp4iBu97sqG5CF1tlvLz7Mcz9xqhyZQSJGX2M-Cbyvv2ZEC4B59jDwuV10nWBTrarsA0VUvLncfTKy5i16BMA3xSwe1ogi7R3EXdATQSMJMpUud9mQRy-w-rlNgivGtNd2dyW0dCjHs8O-fJQ0I5ovu9M9XcaZFVogsK4Hf4_aipjwk-hPJY8-uJo1s82mpcm-udOAw_abaMsW-2MmwCPtAV5YoA70t46duxRKqhqG38zF0mshPlTZJpNernfA-c_zLXAxlnBIg3zLBb-qyK9Gel9euZQ68CdE3M2aKRVKZmVLo1rW0_hQuPkObMUlEb1FQmpg4BJAfCSj_ij4R9KpEkkvpMVWdV4azzb702XtJDm9N4yhduK4WgP-KHaGdPNgSTzfc8s3oSFfeuJpa5xu8-_0xBS3Q_2iBV4Lq7ZaQMDXN__THHUsDXwmIYywvFIAT5bFgW8kv4wUiygYCIlWFB-N-9GJTIlg-vhDn50IfjnUf1bsbbB9eHsL8PtUn92slcImDTwdDmKqzqRwNa1bTsTDp2Rw3QYZTLNNt_u2n6OHMgJeDvy9AKh6_LcgbnZU3ITXyrBQs2C4RHO5fDRt3OKa-y1ebYSYJhOAtWTx4vaDiimuYT0sXoCUZ4r97wDgMsqRCguC4DT-AHIWjzNi8_edQjWwfmmWZdYW5fuNs7EJq5jyVZJtdcQ86SuWtO5h-RMjqd1Tzs4_YLA5pMsqCWZXdpMsnm_fV54CmXa7IAApU-wGz_BP3_IC94zhe96eRjm6hDdDscEkZ3GyyTjLZX3NWauvgFUyDQqwzmwhNe3zdaCeUlGleeQhI4zayzS4sPlW_S1t4t6DgEheAiBiXl6OMwh97Zs1qBRlhNeS1aybyw6seS9GOPYYbFja0resuBN3yM-_fWRMAw6j0vZBcq1FLpbc_3Zza03NMGAYWVpxkB_P_waQBlyYDAN_gHpoMBfMBgWcvXBbpCw7DYw09Y6m3CjbAct6RanyQVGMHYHPJvY29m0TdzGIMFtQ0L3kYqSUzzh2tsIBdc11snkCoDazJU4ZGYRgAQxxM8Guo-MaJzLNNvvtmzOfus9uPrMLu_aAyOBknSFgVjzyiIZX4f_WcqN0Z4FWu4P9dgWX2kqOw8r32itAXpuXTl9SKvNxvoBaTtPsslugkyCZkeqpmeQ9sK78qLOktzvZEgYz1CDnDjddAYjRoTVoKGDHut7b1uUGz_LFn4v5z0k7U6mtuWHWprkvDrZY59o2i6pZza7KX6t9liOEiOxTb8iQp4xR7xZmDjBrlsJoorhm05uvJNrFCYQlVNGUDWtAJ8sC0JKMPCVdPJ80lUw_edcIYXCXSYoa64xTZK1-oWJsWo0xqOPE0XEcOWjtbJaEpyAnPZrIw6sXyBz92e1jtMQ6nn2rxvn8UnKSuL9alP9GYwKkZtqT4w2kCYfXW9EaRP7C_7SFL9kX2X35NYDSXXhK8WXtFEIy3BxN3ddgS45N1iURAnDezYhogBkQ15Op-sfMCfbiXxGKfeE3-EtsHpDJIFrKwRxS7BzAlqKhfpwC4EIaeLgmBg-v8x5iioLS0ax5Efg-Jkv06MzxhkmxdpgyBr9rcGxbbveNi8Q7XWTohWugN4uvEr1wpRSOVfjhdLEvzYC45nuzzP19smJtFVgO_-j5MyC9m-Y40dWstiOQrEtqQkseqVddVRkQ5ftrXka9y2K7CmCc8_0Hm7ESrhmCEMkk81XdTKeAzMowZaonmTAMTI1cevZsvRKUR9zNnk85mgBgdZtcBFXp-tIBrLL-k3e8f9uNifbkLYv_6GS95-i8GbtPoSWOJIHmOq_fVWJr1l5PeGO2UJUDv9VrDGq0gpk7evLEW-5GUih_aOyCPCW_jBWvbN0hW0xxEKk5zRb1z&cid=CAASFeRoOcrRco18CQcp8PoC6puTR0vXTQ&rfl=1%2Chttps%253A%252F%252Fwww.jagoanssh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:39:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame D15C
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRQlTBL_nRkeekKDAR4k09Mz4R8Of2XAsG-xMhr2KxxF7JBYvwGCkn4VXHiNJdix8YbmnEkzgebWhG1mTbqcJtrTXZQT_quYJ4EfuvIs8ExQQ8lT_5FoNZFtqoar6tqo3wGvNfhkd9hwl4JoWHiAaw443sSQ&dbm_d=AKAmf-AR66pPfiZeyT5FWO5HMePeTnT2QHEMQspma3QC-lnvEJ0N2-POnOVBMr0rHzwHTAnVSVPTE-_HMcqQJawiQqFFX9N23g5IeyUqIhvjCF_LD5DkIqZI7-nvwPYaEE3dBHHZwIv8ZD-tX6BNl8pN8YhVwEW0suz8E-ibS5Zr-7F7BkAAOIyu7cVtxOFQLaQ_zBMEGOzYuvOECwIwwW70odJyzLwIrbPaL_PWIvgCWAV4R4w83-v5vE3d1JSETyFjhMeZn6sRVclEFjhVOUas9lls4Ka0sIaHnNFfJczVgQaLH1HdQQ_dZ_c3ZhPQ7Ysyo0r1p3nTWMrkU5vDMEB-HSWW0WXKTL_-GawhDgFCIJFj_5VkMnmol-BzNSM5eeJvQHqeP2cTxN4UZMRGMXb4yCILNNM03vTawQvxhJ-W2EHn16XZaFjMsCsTPd2Ju2jJnCwOMjeeCPgRiCWyENeDxO8NkyNll2sKnqeriWH0D-H6LnOUYCwxsUTYl8MC_5NpjyXuhh1GZqpMFTsowlrmC3K4paVbp1N5mJN1XqlTWtwMWSIB-YiryK_lJ6YTYJBN3QcuE0wOWDQLTSGwmH_ox5_XrFeUNvKgzQc4yZxAoMu27jWM4qi4ie-TLi5rcgNFtIEhDsNi6TnpkUNgvs-KZtmI3fFzbxQmFV1wrHMunwEbbTmZ3RgmQtFYV_y2vr4Wdu_-4UysDdBVS5d1G529JrW5oaDfEFOyNFWUSaPki9XEwdfAqMQW58IMYtXFpozkHC3m9T3WiRR_nuhaIpUTwKtfTrvEKRlCzxPNZ74sRLKpL-r0ONMwOS2v3Ko5KY5cmiIDIp35XYOsJp036Q4zl0AuME_NgpMicCC9u1X6MJkHsXJXS4dkOmoz0TUJrVTj5tLvWUBOwblvljhbp_csoDfZ5yIU9_RiPle0Hd-cQd5gYV_oCTQ7ZlnZOK6uI2meDeWYCOQ-YiTq2CRn7aG6w63GgER-nVCth9M4Or7HYwbMcNxRPTlXxb-X7-GjUQjDNLFcydz5wZM8hnBJqBaujgpTYyyaRzA54spg87OofLvQfaukW2mBS43aoafoJr9O0CTDF_CbvaNDsNVpXA-MDAcge2DgS9qZ8QfeYSa1I_7WEcvzMx9bCCTxeWObC__cEtfzmIGg5ZLBwPXs9lyYAwdKd7RaNQtiENkxjl7d8Q1-aSPoG4Ceu1_hG9ko_wQe2dVsfzrexNNI86WfBORbxBdN5rnnPZM2SY7PuRues3OUUj3YKiz1tgZYCRpgkv66W4IxCr4Qo2a5xU6lkxdrKtmbftwyvwpqCDVStXXDeUBWMJXXhHAof1nWpYWQxrsPfph_2mjIYnr2oa66ToaHsok94H251q4iBjjcDO-RH_-Pcbl-XEqf_CLO9XgPkj_Kzhq4AVYR59gf501JCM9rj3W9-tHYqLp4iBu97sqG5CF1tlvLz7Mcz9xqhyZQSJGX2M-Cbyvv2ZEC4B59jDwuV10nWBTrarsA0VUvLncfTKy5i16BMA3xSwe1ogi7R3EXdATQSMJMpUud9mQRy-w-rlNgivGtNd2dyW0dCjHs8O-fJQ0I5ovu9M9XcaZFVogsK4Hf4_aipjwk-hPJY8-uJo1s82mpcm-udOAw_abaMsW-2MmwCPtAV5YoA70t46duxRKqhqG38zF0mshPlTZJpNernfA-c_zLXAxlnBIg3zLBb-qyK9Gel9euZQ68CdE3M2aKRVKZmVLo1rW0_hQuPkObMUlEb1FQmpg4BJAfCSj_ij4R9KpEkkvpMVWdV4azzb702XtJDm9N4yhduK4WgP-KHaGdPNgSTzfc8s3oSFfeuJpa5xu8-_0xBS3Q_2iBV4Lq7ZaQMDXN__THHUsDXwmIYywvFIAT5bFgW8kv4wUiygYCIlWFB-N-9GJTIlg-vhDn50IfjnUf1bsbbB9eHsL8PtUn92slcImDTwdDmKqzqRwNa1bTsTDp2Rw3QYZTLNNt_u2n6OHMgJeDvy9AKh6_LcgbnZU3ITXyrBQs2C4RHO5fDRt3OKa-y1ebYSYJhOAtWTx4vaDiimuYT0sXoCUZ4r97wDgMsqRCguC4DT-AHIWjzNi8_edQjWwfmmWZdYW5fuNs7EJq5jyVZJtdcQ86SuWtO5h-RMjqd1Tzs4_YLA5pMsqCWZXdpMsnm_fV54CmXa7IAApU-wGz_BP3_IC94zhe96eRjm6hDdDscEkZ3GyyTjLZX3NWauvgFUyDQqwzmwhNe3zdaCeUlGleeQhI4zayzS4sPlW_S1t4t6DgEheAiBiXl6OMwh97Zs1qBRlhNeS1aybyw6seS9GOPYYbFja0resuBN3yM-_fWRMAw6j0vZBcq1FLpbc_3Zza03NMGAYWVpxkB_P_waQBlyYDAN_gHpoMBfMBgWcvXBbpCw7DYw09Y6m3CjbAct6RanyQVGMHYHPJvY29m0TdzGIMFtQ0L3kYqSUzzh2tsIBdc11snkCoDazJU4ZGYRgAQxxM8Guo-MaJzLNNvvtmzOfus9uPrMLu_aAyOBknSFgVjzyiIZX4f_WcqN0Z4FWu4P9dgWX2kqOw8r32itAXpuXTl9SKvNxvoBaTtPsslugkyCZkeqpmeQ9sK78qLOktzvZEgYz1CDnDjddAYjRoTVoKGDHut7b1uUGz_LFn4v5z0k7U6mtuWHWprkvDrZY59o2i6pZza7KX6t9liOEiOxTb8iQp4xR7xZmDjBrlsJoorhm05uvJNrFCYQlVNGUDWtAJ8sC0JKMPCVdPJ80lUw_edcIYXCXSYoa64xTZK1-oWJsWo0xqOPE0XEcOWjtbJaEpyAnPZrIw6sXyBz92e1jtMQ6nn2rxvn8UnKSuL9alP9GYwKkZtqT4w2kCYfXW9EaRP7C_7SFL9kX2X35NYDSXXhK8WXtFEIy3BxN3ddgS45N1iURAnDezYhogBkQ15Op-sfMCfbiXxGKfeE3-EtsHpDJIFrKwRxS7BzAlqKhfpwC4EIaeLgmBg-v8x5iioLS0ax5Efg-Jkv06MzxhkmxdpgyBr9rcGxbbveNi8Q7XWTohWugN4uvEr1wpRSOVfjhdLEvzYC45nuzzP19smJtFVgO_-j5MyC9m-Y40dWstiOQrEtqQkseqVddVRkQ5ftrXka9y2K7CmCc8_0Hm7ESrhmCEMkk81XdTKeAzMowZaonmTAMTI1cevZsvRKUR9zNnk85mgBgdZtcBFXp-tIBrLL-k3e8f9uNifbkLYv_6GS95-i8GbtPoSWOJIHmOq_fVWJr1l5PeGO2UJUDv9VrDGq0gpk7evLEW-5GUih_aOyCPCW_jBWvbN0hW0xxEKk5zRb1z&cid=CAASFeRoOcrRco18CQcp8PoC6puTR0vXTQ&rfl=1%2Chttps%253A%252F%252Fwww.jagoanssh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
401
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:40:24 GMT
css
fonts.googleapis.com/ Frame 28E7
8 KB
888 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 20:13:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jan 2022 21:47:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jan 2022 21:47:05 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 28E7
1 KB
875 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:45:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F971
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C411GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBM0BT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhExPiMLtk6Hb-H5q72m-X2bt_-7dtUahYcJuxzq-IECJCnyJO7C34AGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1NDM4OTk2MTc2NTkyNjYYAA&sigh=IT96SQTGi2E&uach_m=[UACH]&cid=CAQSGwCNIrLMnwsQm6HWa6VjQEB2BcY62NcOmTKllBgB&tpd=AGWhJmu2V7K1R9Y7c_08jdZw97LCdBoYJ_Odr_ph4edFSaeec5gJkh1rofzMCPhqLoJMhYUPK8wPrCDlBEW50TbSEeYntm_ffFzzhCYRj6DaRZAPSJBFBioPdPEVHJd5kTOWrREwe-f8_OoGyIBhsc2mXI4JU7LXjDWRtnG3OgePCr3p3aLHiEkTtjKGq37c_jB1GlPQmoVicPZ43I0He5XN21cYlBKhO4AC1iVlBijQBnw4CyGelONsUrT3-ndNq7vmqfovO__0GgUwR8CrsT6kDS1zFL2uI3UNxnyzwlUmWWsDD0hf1awu8xxgtZJsaAjdcqTbhvM4ZMiBmUCar3kuXwelyjP_oDRcwtO9vojwXnLU_6-Ktog6Dcg_qoOMSWxal1A4j1Z1O0Tl1tYAy9ZfgAMKzXEURbTVt3B0-scmuWWncbAYHLNNTLXpOXCesA5zVXdVo2RpLQagdolJ4p87TBI35MfgNt45Nrgb01k-hff_6mdTvG_G6TAIi45eYwWBJug0Xhte8JqYj608PE5h2yZ88Yec_A04UgcYnuNcKO2fztWw0w0PQocPu9h1_jecjD2jbOFGh2yifflLpIwUJKUtmvJ2SZh-gq6s0C-Lsqbd0lllPE0VR915ysjBLBAkl1sD23jfyB-KMczADrGjapUFCaBYBt8u9v2Ne3t2Xqay4ZwP818VWzuwwgI_rYxjQR_eZR1L9iY12jzEADOQ6u49jqWduvfsOfhV_2QVMxRGrpjYeEDoqWW9hkPboBrg4yqWIfsP6LLaNlICRNGChwxAeVu7sMYwF197Q2MSNNuKWsMCsgO13Y1gzQ40hfvf53l-UX99HA3hf1cNw3ZS6gtMsP3-aiZy8sbYyjKNhcGF0hz_y_D54NvD1Miz0rMMjtgS453iORZSUskFhEoQNmyVaWfTFD4Av0OwZkJ1f5fDHvaL93PG-r14GXLMCQVzDu_yQEYgPR6x6G731E0f2mKkbQ-hvswJlRiu_jmjGrWzfdK26rQjIf7tSt5DJH_LVwKB1qN4YAN11n7-JnhKlgzVLJSebQUr0893bdzoiGGnJfx1Y_6Hz9O30A8iRdwHRN4
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 30 Jan 2022 21:47:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
js
tags.mathtag.com/notify/ Frame F971
2 KB
2 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RGa00yUTBNalF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDkyNTA2NDExMTcyMTA4OTIvNjYyMjMyOC80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1pZd1l0aUd1dWZ0bmV5RXBOemFJYy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjQ5MjUwNjQxMTE3MjEwODkyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNS8xNjQzNTkxODI1LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/NBXyvnH37oF_s8iNoB4feMVBCfg&nodeid=355&group=cdg&auctionid=6249250641117210892&shardkey=6249250641117210892&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%26client%3Dca-pub-5543899617659266%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
6de40905de741f102a7901a3e62cfbd9424555aa62d247ad8d68ec266d5dd92a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:05 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1643579225
Last-Modified
Sun, 30 Jan 2022 21:47:05 GMT
Server
MMBD/3.300.0
x-mm-latency
22 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x39, cdg-bidder-x52
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Sun, 30 Jan 2022 21:47:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F971
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F971
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jan 2022 21:47:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F971
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:44:05 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 28E7
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7644
x-xss-protection
0
server
cafe
etag
6659623896352890502
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:45:52 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 28E7
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 28E7
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jan 2022 21:47:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 28E7
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:44:05 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame 28E7
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 02:23:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 27 Apr 2022 16:51:03 GMT
bframe
www.google.com/recaptcha/api2/ Frame 9405
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
90c5e879a6bb719bd591edb94ed0a04539f91b5055a274575a38f7e14fb776d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pP/QE1T+5+g1gR2B2bfvqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 30 Jan 2022 21:47:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-pP/QE1T+5+g1gR2B2bfvqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
downsize_200k_v1
tpc.googlesyndication.com/simgad/11208049994575907339/ Frame 28E7
37 KB
37 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11208049994575907339/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66f813da14d17d7228fde504ae1e7f073d14876cd92f51abd3d8fe4cc5edf5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:13:47 GMT
x-content-type-options
nosniff
age
1998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37605
x-xss-protection
0
last-modified
Fri, 12 Jul 2019 16:33:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 30 Jan 2023 21:13:47 GMT
truncated
/ Frame 28E7
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 28E7
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
container.html
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C8B2
6 KB
3 KB
Document
General
Full URL
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 21:47:05 GMT
expires
Mon, 30 Jan 2023 21:47:05 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 28E7
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CWGijWQf3YfTMEY2IxdwP5MmC2AeB2aCwXKTkstW2DZCDhZ4LEAEguqTUZWCV4pCCoAegAdOc-L0DyAEJqQLm-aeNeXpLPqgDAcgDywSqBNQBT9BdTddFcVAHSdNz3B8Z29q2U8IOw4XH2Qkn1GV5Ewjh1asP66BD62o5pk3C2F5Up381L0kaD27Xwvgqek61-ndWNyj5Flt62T-sBEof0heldTIS5IfvgnQ1HkN6gOp7DFSxMfale_9p8tz0RlKBySGWqOko5XLvxLbEQRU2q5nP6-Fvxj0wG7BlHNwfwmsBCL3AjFNMv0HKEuwzSxAunEZsQ7v4cet4TcbD2NjW3n1_7t16NoWh5HPerrZFEAxVyPz07ulf5xu5Jxv9yIXA2peQNw3ABKHu54uKAZIFBAgEGAGSBQQIBRgEoAYugAeV44dCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ6aYF0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NTQzODk5NjE3NjU5MjY2GAA&sigh=XzFctByBU3c&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 30 Jan 2022 21:47:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B6E6
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 29 Jan 2022 17:31:54 GMT
expires
Sun, 29 Jan 2023 17:31:54 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
101711
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4as54di69f4s
hal9000.redintelligence.net/zone/ Frame 675B
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/4as54di69f4s?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e76ce1a225599c0b17c4a4c4b3b49bb0afdaa2b7e0bc7581ec5b9f524c8c5857

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3968
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D15C
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Jan 2023 21:45:19 GMT
truncated
/ Frame D15C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ebfc313a59d63927ed3d9c43d2210ff5594f2cbaf95137faf804b139b343bb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame CAA5
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?qPU4KQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
h78o6ojw9z7r
hal9000.redintelligence.net/zone/ Frame F971
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=6249250641117210892&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWQAFanYKsuFIagye6Q%26mt_aid%3D6249250641117210892%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
1c02a93417c62551493ed97235c99ef7b6ebd49f04e97005be613fdccfd98294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3425
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame F971
49 B
329 B
Image
General
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=6249250641117210892&node_id=355&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RGa00yUTBNalF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDkyNTA2NDExMTcyMTA4OTIvNjYyMjMyOC80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1pZd1l0aUd1dWZ0bmV5RXBOemFJYy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjQ5MjUwNjQxMTE3MjEwODkyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNS8xNjQzNTkxODI1LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/NBXyvnH37oF_s8iNoB4feMVBCfg&nodeid=355&group=cdg&auctionid=6249250641117210892&shardkey=6249250641117210892&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:05 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x76, cdg-bidder-x52
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 30 Jan 2022 21:47:04 GMT
img
pixel.mathtag.com/event/ Frame F971
43 B
404 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6249250641117210892&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RGa00yUTBNalF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDkyNTA2NDExMTcyMTA4OTIvNjYyMjMyOC80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1pZd1l0aUd1dWZ0bmV5RXBOemFJYy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjQ5MjUwNjQxMTE3MjEwODkyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNS8xNjQzNTkxODI1LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/NBXyvnH37oF_s8iNoB4feMVBCfg&nodeid=355&group=cdg&auctionid=6249250641117210892&shardkey=6249250641117210892&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:05 GMT
Server
MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 Jan 2022 21:47:04 GMT
img
tags.mathtag.com/event/ Frame F971
49 B
329 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6249250641117210892&st=4562306&time=1643579225&nodeid=355
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RGa00yUTBNalF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDkyNTA2NDExMTcyMTA4OTIvNjYyMjMyOC80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1pZd1l0aUd1dWZ0bmV5RXBOemFJYy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjQ5MjUwNjQxMTE3MjEwODkyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNS8xNjQzNTkxODI1LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/NBXyvnH37oF_s8iNoB4feMVBCfg&nodeid=355&group=cdg&auctionid=6249250641117210892&shardkey=6249250641117210892&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:05 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x66, cdg-bidder-x52
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 30 Jan 2022 21:47:04 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 9405
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jan 2023 16:48:23 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 9405
355 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LcNmUwUAAAAAKzwlxLLX__CZpwjL1V8OScSaFyT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 20:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143285
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 20:54:16 GMT
request.php
hal900013.redintelligence.net/ Frame 675B
Redirect Chain
  • https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB
Script
General
Full URL
https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
879644896c5fdb364366c5efbf1cb7981527397b0f1455ae7fc4231b3c7061a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
39428600313163300757589011855013
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
955
Expires
Sun, 30 Jan 2022 21:47:06 +0100

Redirect headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:05 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sun, 30 Jan 2022 21:47:05 +0100
index.html
s0.2mdn.net/sadbundle/16313028207426076408/ Frame A736
4 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edea4757f61c1a939af7dbe2a2c9cee16982c870a7ffe110948ae01503a7150b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
1545
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 15:24:32 GMT
expires
Fri, 27 Jan 2023 15:24:32 GMT
cache-control
public, max-age=31536000
age
282153
last-modified
Mon, 28 Jun 2021 14:58:17 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame D15C
0
61 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoJN8wbKVy-iuLDPqxtTFSB7id-kJkuiGzYMJ0TqWY4B9M2f2an0miqdrJOidA33afmjNz1rJSKhz6hgPYfJ1syebXvAHzB8ol9nEy2azPAJhOm8x_lx8VrGctevGh6dYO-AqRWWf3F8LphjAbrjzir7L4YkjcjclvAHAphW3Yn3L37-uQR7KZLFRHNVwfUJmwMr7bdR13nyA2xzHVSZyoRTPFOk5o5jhd_hpRP2KgQBAxB6galIYIhR0MZ4jZZf0W0a6yGhpITm44h6vm04NB2kEOEZJbNGgsJ-U0fCNCtEvTK6-2h67Pbk748eu0RdG4LDmSLQEms3ZWPK4uizT4pXJ7EGkqf3c6Zi8hWaZ9s4bbO2p5g0pnNIedqWPhxouup2HUS9WIL9jwCDzhXTxFwJRE2gYbprGiXZyfvdJGGDQwUQbJG4yWj-UZsmxheDhuAz5qAwx1jJviEh5hxi77qBIkgH7YfS7Xgy9ByRTZL1hPPYOf7CGqwmmtz2XD_28BvSngT32Bylg0Gndy9tScsKwKHTf5ftK510TpCxUPliiUi2tiF0UG0ldxRqvD6uhEWnFpZN1KT-zwtvROfsH79hb2nAbCBFC71ZmXbZWXvo-dsLoqs1HqwNYhYPqxqnU3d9z8OjktN8L61j4DECQB4Ez14IVECFDL3WqRWuqB5FsQ1RTOCzO0K8ma8v5f3XeSwl1KZweSbWvbO-7k41o-DNTePfNHNE8aJin8hcPZr_wAJkMGzPbSgv2xmnptuNa029EOX1s2NJYMQjExefnoN8a5QWjIl0b6FTNacHAz2hasmWZc1on_fvIx0uTRkw9DAVZU5tQlY1ApsUCknuTnkFhzZfW5lgE0uy33SH9DKBAVco8YRsrlhFh1ku_GSmNCCyXucY3A5T90Jn6o3WxAu4OsM7by-rEP0Mk8UHSD1iTrjKAgKsa-dHfk_U2AjBGxUzhQ86r3OygTRXJw2aHvS3quS4MwW8cDZgVL5qsJbuZr6JpCD0hQkXC4rg7Qpu_xJFQzSR0xSrTsuI045P0v5orayISvjSrx8b5rPWdw_xw_A4pG1IdICYNXEnY75lvJM0Hx26Wy4Is9ua1vwDOYbG5jLm4cmrKP6lPKqS50F4eDL6LoVARyQ7IGgOFh-d68is2hO7V6qNDLbJu1ZT3ImYQ0-slOWn9movg8h9LSm5V006c4hLIxesU1iDjKVdS3Rdlnv2SRt7WnsgCu&sai=AMfl-YR7QQTDdTe7aqNOmubpV6ElwKVqFdAtlOl1WjDN_HDVwuGmLoeQ32L5Lic0cRckjMLKWnn1FXQSL6j_VIiZoss5ipDGCmQagCF_IxrAx4vcGKfY98PKKtRu5qzli5b5333ORTn8GXD94DtronL8e8EFP4UL7P_vDhr1TP0&sig=Cg0ArKJSzFpUu6_j1lUTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=232&cbvp=1&cstd=229&cisv=r20220126.70559&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 30 Jan 2022 21:47:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame C8B2
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnCx7PK43KMlijCZcPHIeutNlw78-w2lrt2VWzXt4_RGERwects6tLtC2rgNLMLLzy4hq56wX06d6ORj8G-97V6ndrpBiRlnpTQJks9lSOCdv2OvdovOv7rwyZPxFKlhDNxEVhhTOKr2t2OK7NPS9FtE1O8RtE8CEtpLfrqN6I44ul4HE7sjs922fwG7dmuAbHX8wSc_SBUvEy0ha_ThKcgNOEl3R-C8DhtrpuhUeFemc51ekQMegcm3fSlwFSPHrAqGEEcN7WCivaaWFY6T_p3du9ujw3Nrmr-jBjRTEidShYe8GVwDJ9IBKDCocfsZt-8KI07c9gHMqo48fmkC60I8yIeWxdbbhHiU-ug2ia4QOWRCh3utG2__MFSZZCu_oI6mBErUtmCTHUY6McXmKvk_iaq8KGUlk_aWByRYYUTHRkTAWVH-PdSeX_bVRQNWx_azIZBIjmor93D89FQnqxodvOtYiBHX7n9Re5LqfcMz8TxovhRPFjq5HtTqZGur3GZjAcWBsUbQbbL1RURs4P4O6ho6V55TCbNxFGMb2DX55-pBnPgDgG_-gz9huIfRijAzUfHm9rS14TkNylrn-kmAukoC8Si7bRMBSfNtxMbMPaFkRif4MFjMOvVb21gyz-_KbM4l7IEe5xLGcLUnBLYIwNpMOrUTm1ONQflnq0nN_YlNahi0o4oOq-w-ijW54IRO_I8vesdbG_M96t1w5lBp7FTUuCc71gn069PPllVa-1hl1rbiN7pa2x_8VeAiYB7RDSs9tunyanwUt-qFeGQgH7n99bAwAAtHuADe9xnf2WibxEu2lBRlCtsQKKPdgL27tub-VblwB3S9hkwd8UV4iL-Md9Be3QLdtL4kQd72mq3dCNECyDf8jHIQkvsbbOzkRwdnJxfYkNmaUiNPqKJ18mdKr4jKYvFTczhqo2d011XZchVjs9TkddCxsZZECGcrl0eaAKxgY4L4oPcCpinCNQq32uOJ5TegdxgBSG8P947wMOcBw8h_rHOE0CuGqeCa1UBY-xjfRY_b9DyG97b2GTiEvu1G-uAicQgvGhNUZ23J6CmCc4w9yp-_YUz4NJrDs98aqlb6bxm5hyUMirYyrv-V7fyNo_HS1IX4QReqjvqEJ3kwM&sai=AMfl-YS1VVCx_xR-P6HLnOUSwqznkyPFNZs-eKkwrO182HdRTXf9wq53vUPcTA&sig=Cg0ArKJSzJVl5cGdgJKAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 30 Jan 2022 21:47:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C8B2
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Jan 2023 21:45:19 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame C8B2
31 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
511543d9bdbb348ca15de71f0e2a6848c97d7620c4357543f24c923b0fab80fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:43:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12848
x-xss-protection
0
server
cafe
etag
11198992762603823889
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:43:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame C8B2
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8B2
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jan 2022 21:47:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame C8B2
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:44:05 GMT
l
www.google.com/ads/measurement/ Frame C8B2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyflyViG9hB1v2-6lsVrY-ATLMXTWydRvirh2XcVg0lKd6QWbF-gY6NwcO8fVB2cyMnjM7lSc7mPuQE3yfQmHEI2Wsbw
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame C8B2
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7644
x-xss-protection
0
server
cafe
etag
6659623896352890502
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:45:52 GMT
1699561234219870365
s0.2mdn.net/simgad/ Frame C8B2
20 KB
20 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/1699561234219870365
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cee9118aab4a91f88c194ade05a1b2be68b66b2ce2dcc2cb5ca081ad39269ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:01:25 GMT
x-content-type-options
nosniff
age
531940
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20161
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 22:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Jan 2023 18:01:25 GMT
truncated
/ Frame 28E7
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9c59ad15fb8a4c919e6f16557d181e93eeb3210498495e8b6b345e0dd043ba1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4B8F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 29 Jan 2022 17:31:54 GMT
expires
Sun, 29 Jan 2023 17:31:54 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
101711
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 28E7
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:12:51 GMT
x-content-type-options
nosniff
age
444855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 18:12:51 GMT
request.php
hal90002.redintelligence.net/ Frame F971
4 KB
2 KB
Script
General
Full URL
https://hal90002.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=0cc31b57b5&subid=&uid=232ffe604bb250b5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWQAFanYKsuFIagye6Q%26mt_aid%3D6249250641117210892%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D280%26slotname%3D3821705765%26adk%3D1128998514%26adf%3D2302661348%26pi%3Dt.ma~as.3821705765%26w%3D429%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579225%26rafmt%3D1%26psa%3D0%26format%3D429x280%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579224712%26bpp%3D1%26bdt%3D779%26idt%3D259%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1110x280%26nras%3D1%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D586%26ady%3D3668%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3DrkccTyVlmn%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D499&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.jagoanssh.com&random=1433280457024&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=6249250641117210892&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWQAFanYKsuFIagye6Q%26mt_aid%3D6249250641117210892%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
1d1aaffff8c70f7fa910784f6da780b400bf1ce37123186c01bf2cf251b89743

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
64789300300784500951407011855002
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1255
Expires
Sun, 30 Jan 2022 21:47:06 +0100
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012506&jk=2827458361515167&bg=!eHulez_NAAY6OBv_Ojg7ACkAdvg8WicFQuxf8_f6AhNWfGRUNWmZKAFTK0RDO77HaJDGqO3KyQJi1AIAAAFAUgAAAAJoAQcKAJ94mtSIM17ICxpOg74e3x1BRjtT5bST18GrH-92VvgzyYwLBX9D9NwWtRBs9KKMuLAfsfwaMGb3uc5_f77YltgRg0XT8al3zLk17Ksucf25bg7djXC5x5FXni6U3toD4ImyAPAk0tLfhoepOmYXKHjPnC6vDUo9GelWS3MjRuhcD-_eSU7AsWbhTE3uoy3gm0V5u_tOWJtr96Dzf9CEwAyZAql4qXO-YaZQj7p07-tSOb7mPOwTf6XcZb2z9T_GzR88I9nM6_j5pfMvu6UJQnvGM8G5GUcSTipX8BplCpXxwua3OBYWC20dbOeoImewpmpWOeYsle7b7k-ayQ89NT83tJBvQ1Ye5GbUVJBcOztpkV_IqXgJm5XEnul4oSxoKhuNoPaaCFPyfzKWriwKtveeyrLIVddPsHSwWoYFS-41U_f9xFweZHKiqp-0BwnH0hQBzceiazC54kQViYfYtxiKtmhIsTMzXmhVAao_NU4Cc4gOF_u19nyN0G3ttKHZK5Gjcd8BDVSTe7gYvT41PK4jAbFNeMRjAJywoWAkWdNme-CPOajSULewj2rT_IQvLUzfJCO0OuYcJgcOOHiqk0c2CSmyTj4KCDdw4_px_9neca7rz4r0GayeUBCv88JgYNDQiXMkZQHO3BAQxxlm-se9HZ0aKVHk2mf1XySK-sQFYc7uSd7_fe4EVl4TvLuMRLsmi1EdBhfrctST7_coNJOMQDOG0MymeIoIToljxIwki7ccDkj1OteYpfGHeitK4XwTHdGt4N5k3pcyodhk12cGqVixmyDNv8LIX-IZZ8g4isYvtJMwvGvhilUAJ0pHXYb9xeuCLn9csZ1T8S7RgLo9TsDDXRpY4QSouXuAPy-m0k6vD4sJphwmdfpOjSYkMWeZNGJAmEpT_l4BBWpFKSucc1byAlLdF4wL8F74sj4_fRyEv2fO3Uu9EsJ3WoJxaAC2HjBVBn6jD687g-Q9zbMRXHorxTNQcafGJhs30mtFPHy-RLoDdhwW6Ny-k2Z5LXERnsVrynOeMH4Lbx34ieuQ8Ea_CV7p81U4w6iC19jdUpcEvNefuyufZeCbs78F6MSpe2aoNG4vUQTAo1hRh_dRaF0hUWx1LltEM88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame B6E6
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 20:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
263502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 20:35:23 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/
150 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/reactive_library_fy2019.js?bust=31064587
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cba6f9d9f0662efd4e460250bc5293950da78a309ed9a6c80659ade743f6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54757
x-xss-protection
0
server
cafe
etag
14223464605515330893
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Jan 2022 21:47:06 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.jagoanssh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 Jan 2022 21:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.jagoanssh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 Jan 2022 21:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 49F0
32 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a26386fd133ed4f61924e6a17ff50a5cfa30a23dab6352d2e76cd8f615db0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 Jan 2022 21:47:06 GMT
server
cafe
content-length
12762
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8056
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 29 Jan 2022 17:31:54 GMT
expires
Sun, 29 Jan 2023 17:31:54 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
101712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 325C
8 KB
888 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 20:17:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jan 2022 21:47:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jan 2022 21:47:06 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 325C
1 KB
877 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:45:28 GMT
9428738903086058192
tpc.googlesyndication.com/simgad/ Frame 34F3
18 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9428738903086058192?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm6Xu5-iIo2z1K20E-r464YfOtNMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4e4e95ec92a7f33674fa60611f2d96e9c9aeafa9828076739bf20d08afac95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 10:05:58 GMT
x-content-type-options
nosniff
age
301268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18130
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 15:13:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 27 Jan 2023 10:05:58 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 34F3
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7644
x-xss-protection
0
server
cafe
etag
6659623896352890502
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:45:52 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 34F3
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:43:11 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 34F3
67 B
96 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 18:14:59 GMT
x-content-type-options
nosniff
server
cafe
age
12727
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
2462972746714251406
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Mon, 31 Jan 2022 18:14:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B9FD
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sun, 30 Jan 2022 05:53:44 GMT
expires
Mon, 31 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
57202
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C8B2
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a3b01ac23a5794bf248c90d09d856bf0dbb3a9998f759280ae59ea73365f612

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 325C
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7644
x-xss-protection
0
server
cafe
etag
6659623896352890502
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:45:52 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 325C
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 325C
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jan 2022 21:47:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 325C
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:44:05 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame 325C
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 02:23:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 27 Apr 2022 16:51:03 GMT
bannerify.css
s0.2mdn.net/sadbundle/16313028207426076408/ Frame A736
2 KB
656 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/16313028207426076408/bannerify.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4a0b5bdf6777c0df8e6c3c4c4ea50b1b4f69c218bdb0e9319dcd61f66b2e4b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442026
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
627
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 14:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Jan 2023 19:00:00 GMT
frame_043774636.svg
s0.2mdn.net/sadbundle/16313028207426076408/images/ Frame A736
2 KB
804 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/16313028207426076408/images/frame_043774636.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5442363bd6ec5eeaf3879064e39174d75d0daff3314700a316d1833b68c10dfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 15:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369956
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
775
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 14:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Jan 2023 15:01:10 GMT
logo-white_042721439.svg
s0.2mdn.net/sadbundle/16313028207426076408/images/ Frame A736
5 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/16313028207426076408/images/logo-white_042721439.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
256ab45e72d00811a252550bde3f17d2818b72e8fa2839b53c220ff8244cd6b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282154
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2533
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 14:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 Jan 2023 15:24:32 GMT
h1_947408628.svg
s0.2mdn.net/sadbundle/16313028207426076408/images/ Frame A736
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/16313028207426076408/images/h1_947408628.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c22b29ea6850ba0926ba3222b8bad1bfff9cccc30185ab5ec9e676125efdf34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 11:51:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1999
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 14:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 29 Jan 2023 11:51:18 GMT
button-chartreuse-solid_118393472.svg
s0.2mdn.net/sadbundle/16313028207426076408/images/ Frame A736
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/16313028207426076408/images/button-chartreuse-solid_118393472.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
325715991e5065756a482444881c499f0e8bf48900416032b0cd1c793ad3cbd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 05:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232646
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1744
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 14:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Jan 2023 05:09:40 GMT
bannerify.js
s0.2mdn.net/sadbundle/16313028207426076408/ Frame A736
843 B
406 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/16313028207426076408/bannerify.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d17c191e5863bebf998cf621ba7ca1738a59ef7ea3db73a423c4a94b3e51f09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16313028207426076408/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282154
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
377
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 14:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 Jan 2023 15:24:32 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 51AE
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=869763061&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=261&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=SQclSW3PsY&p=https%3A//www.jagoanssh.com&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 20:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
263503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 20:35:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 34F3
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CAp2zWQf3YYjVEfOUxdwP_JWgyAOe5ezLZvLjiq_YDsHg9tjaKRABILqk1GVgleKQgqAHoAGVm7SOA8gBAqgDAcgDyQSqBNMBT9C7gYRanlRBRiMyj50cQEcWT0sNZWwsYnYgjkQgMypM_AgRPesU-GwuNWGUreHcOxUIcUAsIHlMuG7usj4xOptUYyVv94FMldbXRXZuHuZqeQ1r6TpiwYV2EnsrVJFrgQhw9HbtNTeb2qg-QFXQO4nuX4tjoJt_VNq3ZOvAvIJVp4AendlNp28eqFjrrJP5ZkCBW_4fQ9_Oy5s4nsfvGVQi7OiSDDnqAbA1Uu4ecBAr09C-Twy_zgGyZM0O3Hd-gspYWfzZEY5FOI65MBvKsw6CTcAE49_LjPIDkgUECAQYAZIFBAgFGASgBgKAB9Pky3GoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDakwzSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTU0Mzg5OTYxNzY1OTI2NhgA&sigh=tg-v_CuZiRQ&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 30 Jan 2022 21:47:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 34F3
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jan 2022 21:47:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 34F3
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:44:05 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 34F3
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1af0bdf0a98fd7013d9cb5e587f6634341a8254511efadd771d0ed4a8cf7a813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 10:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11341
x-xss-protection
0
server
cafe
etag
617338487876024589
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 10:45:35 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4313790034593009820/ Frame 325C
19 KB
19 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4313790034593009820/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15b7f575ef8013b341a44f81bfde1121e34cc31ce82217380e34f3cde0cd04ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 20:26:39 GMT
x-content-type-options
nosniff
age
4827
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19306
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 17:33:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 30 Jan 2023 20:26:39 GMT
truncated
/ Frame 325C
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 325C
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame 325C
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEZj4WQf3YbLREdeJygXiwoPQBozzkIhoqrX9wOYOxeO7gbonEAEguqTUZWCV4pCCoAegAZqG2q4ByAEJqQIyRTgm4bOyPqgDAcgDywSqBOQBT9Cd0Y1FTvUPZK0ywd2dNQzMNrG-iarXeC9WmDzPt38evLVZrfrSwy54zzRD7PwmrkRkq5FpFp3u3AuuTjbZVUJ8GFUtXjPjjFQtgqgzXgTopmX77FettowtoHVY0vMkOhoeyvbD2aARIeW1uBEqGtBnjp837deGGZ0KC7C9YlQeqwZokb1KZvmQJj_XhT-iJv_1CalKBb2MOlD0YPVdN7bAo_nf4SRf4qF5MuktGJINVyVLHAMNtObT5gdWuwaX-AVxr3mV_1AQuyrwsVH6plD-ZfNXgs4F7S5liMPYoc1qhleDwASRzrqq4QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHgq-a9AKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDrkQTSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMN0BUBgBcBshccChoIABIUcHViLTU1NDM4OTk2MTc2NTkyNjYYAA&sigh=Vz_LgnIb1GI&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 30 Jan 2022 21:47:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame 01CE
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543899617659266&plah=www.jagoanssh.com&bust=31064587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Sun, 30 Jan 2022 15:50:50 GMT
expires
Sun, 13 Feb 2022 15:50:50 GMT
cache-control
public, max-age=1209600
age
21376
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adv.office-partner.de/ Frame EB48
930 B
931 B
Document
General
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

server
keycdn-engine
date
Sun, 30 Jan 2022 21:47:06 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
vary
Accept-Encoding
content-encoding
gzip
expires
Sun, 06 Feb 2022 21:47:06 GMT
cache-control
max-age=604800
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
accept-ranges
bytes
activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496
5994599.fls.doubleclick.net/ Frame CCA0
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496?
391 B
345 B
Document
General
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496?
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
8ce776f6eec4192fffefc170c47a6b8de020e4804e884e71eca7ae9ea6072a3e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jan 2022 21:47:06 GMT
expires
Sun, 30 Jan 2022 21:47:06 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jan 2022 21:47:06 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900013.redintelligence.net/ Frame 01AC
7 KB
3 KB
Document
General
Full URL
https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=88951e9737&subid=&uid=6a40ccdd02c79596&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqUwoWAf3YZ-MOfWE9u8Pm5y1-A3dreioYLuP39SICvAuEAEg9Ov2K2CV4pCCoAfIAQmpAjJFOCbhs7I-qAMBqgT1AU_QDT7PZ5wkNhtOHBE5V7YoH3Bb07XqXixnu2ZZJlxt5d7h8iwPlCaqL18mUFh7aL_D0yyH4_y96osbLu8ZZ_rtdkBmB7OY7NboL3Mv7yoW5gyq6NY4UcSUsBTA1kbOajt8w2Y3XdiC-llndXRqkh3mhCUGlVsDjn7AI-QzSzFvtwUXuGsUFpXXT6_Q-xOhaibTjaHeiy8Jb5UcfrXM3TPrdPJ0376rbUk5kwxSrbOFSROTDHjLMlWkmWpPVN4lNLHB2dubxAusTUJXTuaTUn-DXtpQZqswXFK8sCpOa9qb-4TRYr7CX3uqAQf46hitMAlNI0DqwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUxNTM5NzQ5MjYxOTM0MzCACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoXg2PGAQliL4ryEMyTrbQcDN1HQ%26sig%3DAOD64_2mG_KqpnPYqLcs76d3UHOKS2zHOw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Cu5etJTFWOLpnOtXLl5q-gHucTgiGsOaDK44uLjFz6UmHEBDVITyy2BBfPrLMWDVjk14363cMMNSgiJE51j9Myl5QDjhwojdXl-NAn3SmZOYh_NGzDzYFBW105GnDDvi-48MfH5c4pGII2R335JNDuz2Pk1A%26cry%3D1%26dbm_d%3DAKAmf-Br0knwiZ21jb86NJeKbzBuQf7CFt6ljajpEIpGMuUAAIF5JDacei5AJBmDnFDZrFmY4hDBFnCX2voIHkt7xTGECufdWRo1vKI7mG5BjG_udEFFFqu9HDYR0Ee23pcSNguJtSGApP9AFtTi0FqMGTIAHCIXisYpEiK-rK8tF6vlXZlqDAXZOIdox72gVU79xX7m2tE8mn_6kcxbig2dQ3RKGzdfPPxoa_VG10c3vAIn3_JxHnhzL7g4ujSSDKUxcjxeRHxZstPH3cePsYVmuI90ZX-TBxwzbhHmJUPNpDZCEbN2CBdPDgyJ1JstLeGClwRGdoqGh8s7jYk1i5L5T4kjj7d1DbRJKfT9DylzMYlsu2jWhYfBrbmnpZoSAAcggJypyKMzsCFfFDZkbiSXfBxUc5ZyjzbHOUdiVE1wLCV3ZAWl639cHCgDC6vwLRw0ixg7UETnNkIVR_C8i0rZ1pJXOm3nkQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.jagoanssh.com%2F&ancestorOrigins=https%3A%2F%2Fwww.jagoanssh.com&random=6002245432562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
e037b3c7b7441f8d0999a402e6d6c55679a29b1ed0be4c89ea44e46a698fc53e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 30 Jan 2022 21:47:06 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2403
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 675B
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2152b36944f90f3c925c0d1eff7c1d061ac52acc8b4a26691766e27d0b59138

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
adv.office-partner.de/ Frame BD91
930 B
930 B
Document
General
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=0cc31b57b5&subid=&uid=232ffe604bb250b5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWQAFanYKsuFIagye6Q%26mt_aid%3D6249250641117210892%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D280%26slotname%3D3821705765%26adk%3D1128998514%26adf%3D2302661348%26pi%3Dt.ma~as.3821705765%26w%3D429%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579225%26rafmt%3D1%26psa%3D0%26format%3D429x280%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579224712%26bpp%3D1%26bdt%3D779%26idt%3D259%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1110x280%26nras%3D1%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D586%26ady%3D3668%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3DrkccTyVlmn%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D499&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.jagoanssh.com&random=1433280457024&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

server
keycdn-engine
date
Sun, 30 Jan 2022 21:47:06 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
vary
Accept-Encoding
content-encoding
gzip
expires
Sun, 06 Feb 2022 21:47:06 GMT
cache-control
max-age=604800
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
accept-ranges
bytes
link.html
track.webgains.com/ Frame F971
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=64789300300784500951407011855002&nw=1
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
5eb31c1817c870043538269a7e2d0c6dd483fb5c6a743e81edf46e0cb09cc38a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:06 GMT
Last-Modified
Sun, 30 Jan 2022 21:47:06 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1231
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685
8019191.fls.doubleclick.net/ Frame F507
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685?
391 B
346 B
Document
General
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685?
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
f319c6a215938206737158adb32e9e89e978502432416a5237c7e0ee4a3ba3ca
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jan 2022 21:47:06 GMT
expires
Sun, 30 Jan 2022 21:47:06 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jan 2022 21:47:06 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90002.redintelligence.net/ Frame E990
7 KB
2 KB
Document
General
Full URL
https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=0cc31b57b5&subid=&uid=232ffe604bb250b5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWQAFanYKsuFIagye6Q%26mt_aid%3D6249250641117210892%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_E-GWQf3YbDOEdPiywX3u5zIA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9AXdQN2wrpumWRmSZ3aZ9kbvdaVJmFNKlgVag_erLRH8Ube39zAu0ZuuCChgWqsMrHJ5GfqsfTzuM59F6FFnv2uwT3tfGrO7ExJHuTsrPfWXl8G_Yngve7qs7_uM2PcMc5-6dOKw48z5tdduIFmh2IqZIE3n68Kw5M27qyeR3DVTevORRwrGKSoAaTSGRJ7om7V7ZidzR2gQBWYsMui_GAHRcxVmhFzPAKZGvIjaGxd4xZ-udJrquuxyt80nWa0e1xFAiAcCDFcvVLFUgTUbIAGk-bExZnd9a_6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1djIB6K58zwwZGXJ2BMTVY1p5MHw%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D280%26slotname%3D3821705765%26adk%3D1128998514%26adf%3D2302661348%26pi%3Dt.ma~as.3821705765%26w%3D429%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579225%26rafmt%3D1%26psa%3D0%26format%3D429x280%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579224712%26bpp%3D1%26bdt%3D779%26idt%3D259%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1110x280%26nras%3D1%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D586%26ady%3D3668%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3DrkccTyVlmn%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D499&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.jagoanssh.com&random=1433280457024&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
0038aa9ed4d1e13c44aa42702a80f572db33ce03089a82b32c60c0a3b446a881

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 30 Jan 2022 21:47:06 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2141
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame F971
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=64789300300784500951407011855002&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:06 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame F971
43 B
703 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=64789300300784500951407011855002&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:06 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
truncated
/ Frame F971
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47d2624e2edaac119158393b2705a224f485012a3ef6584cbf217f2d5bf60e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5064
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Sun, 30 Jan 2022 21:03:51 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 325C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34ef825d1200a7fd65de67bd50216e4564db7344dd4c78fa7b53fbdd756c432f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 4B8F
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 20:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
263503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 20:35:23 GMT
truncated
/ Frame 34F3
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdbe1ef58468076aede420dea4b2fccbd9cb4e86cc1517d4b52db96f10b174e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 325C
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:12:51 GMT
x-content-type-options
nosniff
age
444855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 18:12:51 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 01AC
89 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 10:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Jan 2023 10:01:10 GMT
css2
fonts.googleapis.com/ Frame 01CE
4 KB
634 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 20:19:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jan 2022 21:47:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jan 2022 21:47:06 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 01CE
205 B
229 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 23:11:23 GMT
x-content-type-options
nosniff
age
167743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 28 Jan 2023 23:11:23 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 01CE
604 B
628 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 14:59:41 GMT
x-content-type-options
nosniff
age
24445
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 30 Jan 2023 14:59:41 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 01CE
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:08:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7952
x-xss-protection
0
server
cafe
etag
4804491876264876803
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:08:21 GMT
css
fonts.googleapis.com/ Frame E990
4 KB
649 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 20:26:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jan 2022 21:47:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jan 2022 21:47:06 GMT
/
hal9000.redintelligence.net/scale/ Frame E990
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
7b1b9bb1655d869d3f665f031438d85870594ead470e527bf521660607c6580a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16532
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame E990
17 KB
17 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
f0dc407a28b9bc6862935d61896359353389c2c207b30d4d915b03e870d56ef8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16857
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame E990
14 KB
14 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_1200x627.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
20d2b7472f76c7831a98ccbc252db65d4491a6c29e58d24d0c250c49cf91ed56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
14132
Vary
Accept-Encoding
Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame D15C
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoJN8wbKVy-iuLDPqxtTFSB7id-kJkuiGzYMJ0TqWY4B9M2f2an0miqdrJOidA33afmjNz1rJSKhz6hgPYfJ1syebXvAHzB8ol9nEy2azPAJhOm8x_lx8VrGctevGh6dYO-AqRWWf3F8LphjAbrjzir7L4YkjcjclvAHAphW3Yn3L37-uQR7KZLFRHNVwfUJmwMr7bdR13nyA2xzHVSZyoRTPFOk5o5jhd_hpRP2KgQBAxB6galIYIhR0MZ4jZZf0W0a6yGhpITm44h6vm04NB2kEOEZJbNGgsJ-U0fCNCtEvTK6-2h67Pbk748eu0RdG4LDmSLQEms3ZWPK4uizT4pXJ7EGkqf3c6Zi8hWaZ9s4bbO2p5g0pnNIedqWPhxouup2HUS9WIL9jwCDzhXTxFwJRE2gYbprGiXZyfvdJGGDQwUQbJG4yWj-UZsmxheDhuAz5qAwx1jJviEh5hxi77qBIkgH7YfS7Xgy9ByRTZL1hPPYOf7CGqwmmtz2XD_28BvSngT32Bylg0Gndy9tScsKwKHTf5ftK510TpCxUPliiUi2tiF0UG0ldxRqvD6uhEWnFpZN1KT-zwtvROfsH79hb2nAbCBFC71ZmXbZWXvo-dsLoqs1HqwNYhYPqxqnU3d9z8OjktN8L61j4DECQB4Ez14IVECFDL3WqRWuqB5FsQ1RTOCzO0K8ma8v5f3XeSwl1KZweSbWvbO-7k41o-DNTePfNHNE8aJin8hcPZr_wAJkMGzPbSgv2xmnptuNa029EOX1s2NJYMQjExefnoN8a5QWjIl0b6FTNacHAz2hasmWZc1on_fvIx0uTRkw9DAVZU5tQlY1ApsUCknuTnkFhzZfW5lgE0uy33SH9DKBAVco8YRsrlhFh1ku_GSmNCCyXucY3A5T90Jn6o3WxAu4OsM7by-rEP0Mk8UHSD1iTrjKAgKsa-dHfk_U2AjBGxUzhQ86r3OygTRXJw2aHvS3quS4MwW8cDZgVL5qsJbuZr6JpCD0hQkXC4rg7Qpu_xJFQzSR0xSrTsuI045P0v5orayISvjSrx8b5rPWdw_xw_A4pG1IdICYNXEnY75lvJM0Hx26Wy4Is9ua1vwDOYbG5jLm4cmrKP6lPKqS50F4eDL6LoVARyQ7IGgOFh-d68is2hO7V6qNDLbJu1ZT3ImYQ0-slOWn9movg8h9LSm5V006c4hLIxesU1iDjKVdS3Rdlnv2SRt7WnsgCu&sai=AMfl-YR7QQTDdTe7aqNOmubpV6ElwKVqFdAtlOl1WjDN_HDVwuGmLoeQ32L5Lic0cRckjMLKWnn1FXQSL6j_VIiZoss5ipDGCmQagCF_IxrAx4vcGKfY98PKKtRu5qzli5b5333ORTn8GXD94DtronL8e8EFP4UL7P_vDhr1TP0&sig=Cg0ArKJSzFpUu6_j1lUTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=752&vt=11&dtpt=520&dett=3&cstd=229&cisv=r20220126.70559&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 64D4
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=4256242264&adf=2959314990&pi=t.ma~as.3821705765&w=1110&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=249&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=05SQ1X2uYb&p=https%3A//www.jagoanssh.com&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 20:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
263503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 20:35:23 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B9FD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1&google_push=AYg5qPLq1MxuRLEoVyY-UlEZwbgCkbXWsf9SP2SWxZ7w4U1ms8vka-Tbec_dsDkY0ja8AExAJisK9RjHvI_DGbTxUXOp8iGB_sM
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1NzM1Njg3ODU3NjkxNzI1OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1
43 B
407 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1
Protocol
H2
Server
2620:112:f006:bbbb::12 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF2cAmXo2VSG4ULmxN51tjc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame B9FD
0
177 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF7EbFNbrLNOOKIlp-bIXRg&google_cver=1&google_push=AYg5qPLaBLEf5esN0543EqZUSGyrq528PDmw3aWWeF3iqb_A81Gnm7UMMUbi1j3S0UoQCtva9QVzdMvbMhKrnbpJyIJyYpfEP2U
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643579226.498098,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4062-HHN
pixel
cm.g.doubleclick.net/ Frame B9FD
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIqVpoC75wsCKahE5mab900&google_cver=1&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIqVpoC75wsCKahE5mab900&google_cver=1&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY&google_hm=4c1a1832a5f6f85bce99e99d
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY&google_hm=4c1a1832a5f6f85bce99e99d
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIzIdgIeqVWBDNHLyYi-FjcQo9X4wZvDZR34mUVadbiPUHKj0XGvl3MD-49BR9DgIURsbabaHoUAkaLHqyT7chjQE_HhbY&google_hm=4c1a1832a5f6f85bce99e99d
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame B9FD
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEFRSYBDloDZ9HEAvXQA4clQ&google_cver=1&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
0
0

sync
ssbsync.smartadserver.com/api/ Frame B9FD
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGsPSDyRBdIg1lxIoOrI1oc&google_cver=1&google_push=AYg5qPIOkrOpaqyyGrKs8d_NWHGRc0PugsHZfaN5vWpA69e3dmHOon0AHfBSSs9OsCMUUsGJJxGK4U7WCu2fI34r2_fAEK05Vg0
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:06 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame B9FD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOrWedbDBnULT7eoHraKyGc&google_cver=1&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHC...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOrWedbDBnULT7eoHraKyGc&google_cver=1&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHC...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZ1ZHamc1RTJ1R2xlMVNZV24xOElRX1BoN0lzUU9sbH5B&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZ1ZHamc1RTJ1R2xlMVNZV24xOElRX1BoN0lzUU9sbH5B&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHCdNsU-LC2ziMa24UdNFVvDppK3s
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zZ1ZHamc1RTJ1R2xlMVNZV24xOElRX1BoN0lzUU9sbH5B&google_push=AYg5qPLKCPo--Ikl-Qy6TSY1tFVvz7OLAkhwtp16bOlMtjXMRDE1IsECmK4JNuoMUTQOaODGHCdNsU-LC2ziMa24UdNFVvDppK3s
date
Sun, 30 Jan 2022 21:47:06 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame B9FD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFRSYBDloDZ9HEAvXQA4clQ&google_cver=1&google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIa...
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_hm=google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIaty1z4B0LR8EdIpsPU
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_hm=google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIaty1z4B0LR8EdIpsPU
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_hm=google_push=AYg5qPJkJ4GTmHRT0Zi672u920X6-cYWzxGZWsQCXTU6u7RayGDKKQIeR2Mo99FCoPc3q_rMTWdmFY6leIaty1z4B0LR8EdIpsPU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame B9FD
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JV9za5tw4Gh1Roho9EKtsbhJLEBKkvB72tz2dfwDnI2qWWrMnZTKm1mkOPztK4F0gU2tXw0vA
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 8056
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 20:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
263503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 20:35:23 GMT
gtm.js
www.googletagmanager.com/ Frame EB48
81 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b34018b7febe19cb767cdfad90d7ef38458a38780ef8fa76c8a5162edf31b072
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32091
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Jan 2022 21:47:06 GMT
gtm.js
www.googletagmanager.com/ Frame BD91
81 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85f93f61aafab804a71f970e99ce3b0b13ab4f5c53c1b152535bda6fc00850c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32090
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Jan 2022 21:47:06 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 04CD
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cd7ORWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBM0BT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efzPq3yosWd6t1-JD4FBRg4_TpRbWLYchVSJizxpmoTNLI2mJaUGiIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1NDM4OTk2MTc2NTkyNjYYAA&sigh=B1zBeSa0rA0&uach_m=[UACH]&cid=CAQSOwCNIrLMZzozKNNcu_ve53PBzw3I8XOuAf_MgGC-FkM-D_zBcm95gcGBszbOMMDd2MIyQNSuzU5phSBBGAE&tpd=AGWhJmsIBw8oNEhb0EyKSfg6qxkQ1kKrHBx182qlNfrmuygUMTZOmiEhl7bz4K0acEKNqLHm6SLXKW30I7dAcvRH-zDvWNftWPT2W1sSpvheSjpTBYA2yiDS37u-1ZoHmkxNhiwfM7f2j_B5tjQae3JUX0NXkw9qNxioq4VZsTqFcZcezpBV2cyRE1-RtAYEyBhTG14RIVriLCsCR54rvZAo93P5OAHaCFQiA1BcxXax4OJqlqw0PwJNCNYvITJ0H1aK4SHrwEPc1YDwjY04CTGAHhXo5iNDin-le5BYOKw8jAdDt1KZr1QJfzrNrI3129ZVf_16tRuHw8Or2liy5Uu82cxQcYdz9k1Buj-8y8XkT_s-YSyMaRA44NHIQ9OThk_jegG0Xn4wngJhti97KydXgDGpHcpETuAnF3ueUr22Ec5LALCROTgjN7Xjjqyj47cmOP9YiKFj6lyRWhGyE8iJlBmEm0G6HOHUxR1DkX2wD5QkCXDD4R9oSfoseIRfxQGCwuGIlaFMQuBjL98Oellkj6KQ750DcZhO_jteeQOQGq0o4Vv4wSgBVQxMSN4v9w47Le36PTub-ehx5UuR_TJrfdX8vStUaG9lNSeci8c-ioH4QFUG8n44TEjxV08Zt8yJ3J3oJ1yJXZH9yI1nSI2uRNuqe5edUSVIxKuBdqfC0TCPqpICAbfCmXvii6RBPI-arOyBiM6Sd7LJnEp2EK1c3Fn0kTIjFu2ruidyx9AWsVD3NfuT8xg0RpCzjbgKbx4uCfDxvkeZjNWH-g4DWDN4JFwmpLVJd5io2bdvclcR0k8rwHfjqs_PFI5WlMTOEyzp3KlNOuxgjUHi3pXl4yGG_FTLX3OL_ecynoSi72oHNDKO4-SJ4fG4sDhs6EGSA074Wyl_fQqi_EOu4llE63rcrYGpvjBYjkXEoPohJp84wmxfqLtW_mv7CTGNcvtnyhjqrF0wAWep9AShYezJ9IyWELZ--9ZnuQ3g5AmDRPPBct3qTklUU-CBuDb5WtFplUrn0ev2nRWmKfKEQ8HMcnOWSjNcKpNxUgeMGKAFDDVTsKYI67KMWCt6BVVLaDQe0M5qDbc3
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 30 Jan 2022 21:47:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
js
tags.mathtag.com/notify/ Frame 04CD
2 KB
2 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RRM01tRTFNVEl0TUdFNU1pMWhOVGc0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3OTA0ODYxMzI2ODU1NDU4MDIvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVZVdzRUpkajlkZDZFOWNtTnptRWpaZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzkwNDg2MTMyNjg1NTQ1ODAyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNi8xNjQzNTkxODI2LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/zSHuvhU5G4wsllGkOMmB2vMVM1Q&nodeid=2817&group=cdg&auctionid=2790486132685545802&shardkey=2790486132685545802&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%26client%3Dca-pub-5543899617659266%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
710a975426a0027b34f7cc6501a72c190d7480befae89d4afa69115ed8be93a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1643579226
Last-Modified
Sun, 30 Jan 2022 21:47:06 GMT
Server
MMBD/3.300.0
x-mm-latency
34 (0)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x25, cdg-bidder-x166
Connection
close
Expires
Sun, 30 Jan 2022 21:47:05 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 04CD
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 04CD
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jan 2022 21:47:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 04CD
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:44:05 GMT
l
www.google.com/ads/measurement/ Frame 04CD
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7PXSn27nGs-7QXAtN9TwBQkJtYXBVhhIqk3WMNrMcWBgKKyl8_ROQ7kp1OsPToXLSzWNx0QwG1mGIuYNbV_7g1cs95Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496
adservice.google.com/ddm/fls/z/ Frame CCA0
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTBx9-52vUCFZbqUQodWFEAdQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7242513496877.496?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90002.redintelligence.net/ Frame E990
0
150 B
Script
General
Full URL
https://hal90002.redintelligence.net/viewability?s=64789300300784500951407011855002&a=06d115b6&vb=m
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=64789300300784500951407011855002&a=6147ab29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame E990
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90002.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 20:17:49 GMT
x-content-type-options
nosniff
age
437357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 20:17:49 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame E990
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90002.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 11:22:37 GMT
x-content-type-options
nosniff
age
383069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 11:22:37 GMT
dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685
adservice.google.com/ddm/fls/z/ Frame F507
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKmpyN-52vUCFaMfBgAd8QoPXQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6401200580826.685?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame F971
51 KB
51 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=64789300300784500951407011855002&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-83.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
55880
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 30 Jan 2022 06:15:53 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
OGoh8-vcbi2aQZxlMnKOKimAYAZ_GRM4rg8FX9itu79O_r_olwm5uA==
link.html
track.webgains.com/ Frame F971
85 B
541 B
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=76949200282886900714456011855028&wglinkid=498343
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=1128998514&adf=2302661348&pi=t.ma~as.3821705765&w=429&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=429x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=1&bdt=779&idt=259&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=3668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rkccTyVlmn&p=https%3A//www.jagoanssh.com&dtd=499
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:06 GMT
Last-Modified
Sun, 30 Jan 2022 21:47:06 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
85
Expires
Mon, 26 Jul 1997 05:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5064
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 Jan 2022 21:47:09 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 Jan 2022 21:47:09 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 Jan 2022 21:47:06 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 6BC3
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=280&slotname=3821705765&adk=261351557&adf=2653041513&pi=t.ma~as.3821705765&w=1200&fwrn=4&fwrnh=100&lmt=1643579225&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579224712&bpp=2&bdt=779&idt=245&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k8FG9QoChi&p=https%3A//www.jagoanssh.com&dtd=491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 20:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
263503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 20:35:23 GMT
css
fonts.googleapis.com/ Frame 4052
6 KB
670 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 20:14:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jan 2022 21:47:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jan 2022 21:47:06 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4052
1 KB
877 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:45:28 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 4052
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7644
x-xss-protection
0
server
cafe
etag
6659623896352890502
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:45:52 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4052
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4052
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jan 2022 21:47:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4052
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 21:44:05 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame 4052
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 02:23:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 27 Apr 2022 16:51:03 GMT
viewability
hal900013.redintelligence.net/ Frame 01AC
0
150 B
Script
General
Full URL
https://hal900013.redintelligence.net/viewability?s=39428600313163300757589011855013&a=c677aae8&vb=m
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
link.html
track.webgains.com/ Frame 01AC
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=264925&wgcampaignid=99582&js=1&clickref=39428600313163300757589011855013&viewref=39428600313163300757589011855013&nw=1
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
74ff9418c9cefe00d5c008ee0daed56389be2476f26a462ae27af671b2b5029b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:06 GMT
Last-Modified
Sun, 30 Jan 2022 21:47:06 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1267
Expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 01AC
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
ajk4xlebn4mw
hal9000.redintelligence.net/zone/ Frame 04CD
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=2790486132685545802&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWgAC2ZEKsvsL2gjyvw%26mt_aid%3D2790486132685545802%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
34a9266d3a2bff74d6b3233721767543fd0e57f4835cee714ea892f5497196cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3316
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame 04CD
43 B
405 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2790486132685545802&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RRM01tRTFNVEl0TUdFNU1pMWhOVGc0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3OTA0ODYxMzI2ODU1NDU4MDIvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVZVdzRUpkajlkZDZFOWNtTnptRWpaZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzkwNDg2MTMyNjg1NTQ1ODAyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNi8xNjQzNTkxODI2LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/zSHuvhU5G4wsllGkOMmB2vMVM1Q&nodeid=2817&group=cdg&auctionid=2790486132685545802&shardkey=2790486132685545802&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Server
MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 Jan 2022 21:47:05 GMT
img
tags.mathtag.com/event/ Frame 04CD
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2790486132685545802&st=4562306&time=1643579226&nodeid=2817
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RRM01tRTFNVEl0TUdFNU1pMWhOVGc0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3OTA0ODYxMzI2ODU1NDU4MDIvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVZVdzRUpkajlkZDZFOWNtTnptRWpaZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzkwNDg2MTMyNjg1NTQ1ODAyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNi8xNjQzNTkxODI2LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/zSHuvhU5G4wsllGkOMmB2vMVM1Q&nodeid=2817&group=cdg&auctionid=2790486132685545802&shardkey=2790486132685545802&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x83, cdg-bidder-x166
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 30 Jan 2022 21:47:05 GMT
js
sync.mathtag.com/sync/ Frame 04CD
1 KB
1 KB
Script
General
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4&gdpr=1&gdpr_consent=li
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RRM01tRTFNVEl0TUdFNU1pMWhOVGc0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3OTA0ODYxMzI2ODU1NDU4MDIvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVZVdzRUpkajlkZDZFOWNtTnptRWpaZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzkwNDg2MTMyNjg1NTQ1ODAyL2Ftcy8wLzYwMy85NC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MzU3OTIyNi8xNjQzNTkxODI2LzQvcHViLTU1NDM4OTk2MTc2NTkyNjYv/zSHuvhU5G4wsllGkOMmB2vMVM1Q&nodeid=2817&group=cdg&auctionid=2790486132685545802&shardkey=2790486132685545802&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%26client%3Dca-pub-5543899617659266%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0 /
Resource Hash
5f93f0286980feac0bb1912db6302af4e359eb243107bd2695ba94135a4989bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding
gzip
Server
MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/javascript
Expires
Sun, 30 Jan 2022 21:47:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B6E6
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtwQrWQf3YYr1IM3C7_UPl_ibUAAAAAA4AeAEAg&bg=!6Oul66_NAAY6OBv_Ojg7ACkAdvg8WuXLVdzxIKQL6zcdpL__FBYNJGA1-X5rAycUSByKw-lzIczAmwIAAAH2UgAAAAJoAQeZAywe24mm8Sx3jhPhRKyVKW22LQctfI6zIwmWEJgVZjGAijVbVb0B1AJOMgsSxK6C_s2hnvepi-HWhLv-qMoO9OGWLnH9run-67bJFDoIsZXIuA3xM3LZLD-3J0lu1FYISX-cfhmdEYwR9Y8UEPZQBRc14Jhda5iQmz4QwnxbtDIIDA7SxbTrov0_3PWVtZ5EBEvwem4RE1HaElLofKB-cP4ZP476kRdoYbNveKJj-cQ5FXbb99H9-_wpuV8C8MsDgLp9vLNZnPBej__T4BBqaLGja4X4pITTV462kQyXc46NLVBRpJxaSM24buGkViQqkKW5H-oFQlYGFvvpbUelsedwUhz94PgX03ksJVAVbSfSBN4bxYiiXsY0EON2IXr4lQe2nJSdJ0lBhr6Ff2bXCtywNotZhVy-Ws726083Bc98SDG-ZWznYMoiMEo__0djbuGofgGyTrcXtztOh8hfX2xS8-AbEhqKRUzYdWyl8PgY2FCJTR1UXB6juZSN6-0dHYXDFQojecKcAx2jWwGkosObo4D-r2Ra67Kq6lU3H5fajhieKcOdoCxeu7paZwF3u5iRNWLtJB3ChnlHzYfBX6oG5zUV0-cLKt_on9DrNvs8HwyKlb5nsnQlXO7I5wY2FZQpaInTLzPteE4dHbOoN0sZ61y6nTUwCGK3E_3vv83fydKnHyju1roWVJ0X0AO344d90UVwAuyrKPxDvtVbSjMbP8li-wHsf-R9ewUdp37B7N8tiHfks5c_ZL_bwYggLWbkuguGZVfs15buiR-k2-zMHWcT0VNMQTeQZ9W3HWJ69TJkCI7s9O_OVmmwYU1WxU7dy9_Z1cwl-6nc1mfrY6QIeqopxcXSL7Dtz1ETTZ3YI1un9x1bLJZRaWTuwg-fhy5ZTUDZXcnHjc5sSAHP8WiHhXH6tlgGFUYR9NoWn6Fgu5g30bryGVofESkNzWqzYnbqeCaKkOGjxbLaCrXQc_amsZDViQr_9tbY7Clisq5UvusbbWaOwjTxT2ivrzZpxbIKtkDa8BlIJnw_4M51KWRDWMwPmdLmLskEshuxQzla4GkI4oU72BDTRAe7Jw
Requested by
Host: efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
URL: https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal900026.redintelligence.net/ Frame 04CD
3 KB
2 KB
Script
General
Full URL
https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=69b8081e25&subid=&uid=abb0d7fed012ea3d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWgAC2ZEKsvsL2gjyvw%26mt_aid%3D2790486132685545802%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D90%26adk%3D2025600277%26adf%3D1655990041%26pi%3Dt.aa~a.2572183418~rp.1%26w%3D1080%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579226%26rafmt%3D1%26to%3Dqs%26pwprc%3D7427565917%26psa%3D1%26format%3D1080x90%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579226031%26bpp%3D1%26bdt%3D2098%26idt%3D1%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2bbd1114a43b817b%253AT%253D1643579224%253AS%253DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA%26prev_fmts%3D0x0%252C1200x280%252C1110x280%252C429x280%252C1200x280%26nras%3D2%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D260%26ady%3D2391%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26psts%3DAGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D11%26uci%3Da!b%26btvi%3D5%26fsb%3D1%26xpc%3Db9OPXdYZw1%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D14&ancestorOrigins=null&random=5103852063107&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=2790486132685545802&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWgAC2ZEKsvsL2gjyvw%26mt_aid%3D2790486132685545802%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ccbb07d96140c7b362a7354521f1b4df71f3eb6160ee83616a97bcc8d5be711e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
98481800237293200951389011855026
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1240
Expires
Sun, 30 Jan 2022 21:47:06 +0100
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame DA19
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 20:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
263503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 20:35:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B8F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1J_yWQf3YYOtIezYx_APwMuToAMAAAAAOAHgBAI&bg=!9fal9rLNAAY6OBv_Ojg7ACkAdvg8WlMem51mXxM_XwbTc2qFmqvBrsOstydzioEaZBPvD4OFWa4bogIAAAFvUgAAAAJoAQcKADFkDQOPWa25ep8jKFKam7Z1px6UlzG1cUl8mdX0IwUn6XA-J_yMyvmCm7o5m4UjfyoBmQMAJEa8R2bfdyTp2_aCP99ClqSIR7ljsGjy8ummj0HMVr5EkEZwlvlOxJztNa7_PHHlLfZQV89KYudThcMv5pNEi03YhA2t8hCEYYMu4UkmCIV1PQW8s52uGpuat9Xonl6WmVf7cLepk32M6X5dokqTggGJvGgenr79xcqOeccf7jC_n6GUP--Fd50oFglummeolCnAKxd3IoCcwxhrTVKffTE_qM3UUDzuDEFd2PCTl_EBVvOrrFxkl5eROb9Q49FJjY5AETLGPvkQEIPmudhX3eH80aaVbh3juYAgYsBrkZIPDBeuHhMgshAlDCRIK1gMNiDOGpzXjizTXBaQQJwEvuzh_wF49q1U6w89NEylIyqH5ZIGFPEBFcPR02m2M1d-is-OkkJknoqufjjVLDWT94fIuBkYhQA7ThObF54ssqzCnXmC_M6h-5S0x0Y_ht0TM0LOB8Yprm6d9dKWs5jR1i6S1WZKlovl5IsgHJsiBXsAFoPCg9Q7JCmPubSF2wu55I4bW0u-ozGoDXf2XdbjdBByFhu5SbrF0n6YKss3tvasuOllB54TDMA7Pkk1Sz76lN1ZPcN3NiAs2p5uFAwogOePGgVIbKh_gvMk11gX9oS4O_xhetiFs5c7hwVzzE1cZgxAJFOXR3GPJzhzRGQBeaHf9TZfQ8yaPR8sUaQzRNBGL5wIE5wXmoEzgMmn1XkrrhmF2kp7PZ_ljdA-etFzOgXgfyHsoTDZnwfwypOG719VU600Amj1PWAAFY-I_0Uuo0NbEZTzcTbhA4aPbZsxkBHLov-w8h_KiWfgakgk5gHp-_AaAD9naWmcAR8SYh-rzCcI-1g2X9vY6QtwE-E99GqJ7v-BaTrFlp4N5ZWdWaJTyc3Qczq1rfCwi8sc2Rb0CBdE_YB29W7r2HHk55CNpGOZjL-8gMPCupWsGMXthAU0SHehCgtA2c01gFVHobNwz8z3QQQcrvvWwLWAMUDYwBlnVGDSeiryWeSx_E7CkKTgYHtdNqf7gNSBvs2CUPEh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 01AC
51 KB
51 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=264925&wgcampaignid=99582&js=1&clickref=39428600313163300757589011855013&viewref=39428600313163300757589011855013&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-83.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
55880
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 30 Jan 2022 06:15:53 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
95DtHOFLWyYIKulHQHNKVvju_Yg-9RJn0k7f7-mPeQxu0Wgw0S8gtw==
link.html
track.webgains.com/ Frame 01AC
48 KB
48 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=93678800309036800757589011855004&wglinkid=264925
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=39428600313163300757589011855013&a=151c563b
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
090dbba0b9af117640d424eccbf3fcaf3cee51f16dfe2fe1b630801284194c67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:06 GMT
Last-Modified
Sun, 30 Jan 2022 21:47:06 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D15C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBfD9i1ReIrBk8SanXB_XI0Nso_ted77O0hutyh54ZN-q3BN0wykBbqiyJls5jY44PXqilEdAYTf0yJiRMnLP5ie3NL-L_1xRrcAaPlBq__sL_8rjbdw&sai=AMfl-YRQtH8q-goFrSUpR6wBpOnCfhWweIpFZdwbAaaWm7Ko7bZkf0Iqu-5JlMb53Xxnzw_0aU2a24Sfvk37yt6ekUvJcKH7n3JMuCKprnPZYbMbNsbiUNp_huImMwtcSpg&sig=Cg0ArKJSzJVPZ8kAINL5EAE&cid=CAASFeRoOcrRco18CQcp8PoC6puTR0vXTQ&id=lidar2&mcvt=1007&p=1110,436,1200,1164&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2385447796&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643579225405&rpt=455&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8056
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcINqWQf3YbmMHICB7_UP_bCrqAUAAAAAOAHgBAI&bg=!9_Sl9LDNAAY6OBv_Ojg7ACkAdvg8WkYhwcnGJvFGWbIuEzeQLvrwpttvjxCZaoA2Uey0ISf5whBjSgIAAAENUgAAAAJoAQcKAAWmVNVMs5kDCqhvPxJ9GTXyHA-DdSTx6YE6_wPmmGH8tmbUnqNzgtWU_NtBixSKrO6ViZz_Aneg_S65hG6gaGGlQvaaXf-5ZMIEw68ie1KZvpMHrP3nvKRhgYaM_lW1hsfFLevIrU99abXvqj5rR5tmIUNRTCZo89MAixlGyYlobG29j_s72UBhzwjPiEaKBH6TYmwheAFUvhVDxAbiq3L4XoLBb7aCBC_ZKiE-rDVDru6nh1vr3PjgvxmltAAbR6WlFdKKPKSo6m7DcziFyD_G2ihl3THSykpQuzsvUgt_T814rnVATuTOO2bvDL3gOtQXlt9u4QiSQ0U0g-AKK25O1hbSL9EQo-lCQh_vd9JXeOoWuxj-Yo1DpN7Lw9AWUwnrV1ushoD99F3JYb6M--WyBb8x1xCMA4AtToF6CVzAVTnAxWcvNwcSbcaRhU1evLxAuCSlrHh1pv_jGYRN3K73mxQNVkeMvMa7m6klHzHSC2NnvEupd-QKHVgcI1O1b_KiCZLHiY9yPHLqZAZnfeAydv_r2R6aEUrwlE3M-i32tCMBpLiAlgt_jgSef76JVjyrrLRGpixajgaazLfwycHb5x7vOJs9KhHeygJaPyS0f5S6c8BJzkYxDZznREDg6mWVP0eDzOhT3kHkyZEZimAThs0DwnxakHk_6w0WUjNg4AiGXVh7PuYUfSHT43hM3_FoT0HQSwPk-txB4DKE2rvorWWoZxEWgrg8_BpmygZEUJW1ps-TXYlggedXXT_3_oJR3g9-OyVw8UvtKCepHwVzzv8tjZjBz0aw6qgEr1sNTnuWQphj5ELl4U46lpkkHt0bLopeBSrJ4HxF4YYwfy05Cvv9btpgww-2DzjkbFTZVygj8Owj4wk4fIkV0SVW9rGQmUffJCSKrdeRjmw5JpszyCrCe-okx4yja4TMF9UzPMiElpKvkXYtvRPAQAeIBrQ6kOJp9LHrMpwQyZwpD_jogToz_uhhgg8VlLLe1oi275M1aEeInHuMJxc3jYNehYC86sjXjJaS-Tc5ORHGSHxoBSo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htlp
futalis.de/ Frame F5FA
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=98481800237293200951389011855026&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315
350 B
409 B
Document
General
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=69b8081e25&subid=&uid=abb0d7fed012ea3d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWgAC2ZEKsvsL2gjyvw%26mt_aid%3D2790486132685545802%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D90%26adk%3D2025600277%26adf%3D1655990041%26pi%3Dt.aa~a.2572183418~rp.1%26w%3D1080%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579226%26rafmt%3D1%26to%3Dqs%26pwprc%3D7427565917%26psa%3D1%26format%3D1080x90%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579226031%26bpp%3D1%26bdt%3D2098%26idt%3D1%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2bbd1114a43b817b%253AT%253D1643579224%253AS%253DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA%26prev_fmts%3D0x0%252C1200x280%252C1110x280%252C429x280%252C1200x280%26nras%3D2%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D260%26ady%3D2391%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26psts%3DAGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D11%26uci%3Da!b%26btvi%3D5%26fsb%3D1%26xpc%3Db9OPXdYZw1%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D14&ancestorOrigins=null&random=5103852063107&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

date
Sun, 30 Jan 2022 21:47:07 GMT
server
Apache
p3p
policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315
content-length
0
content-type
text/html; charset=utf-8
link.html
track.webgains.com/ Frame 04CD
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3392365&wgcampaignid=99582&js=1&nw=1&viewref=98481800237293200951389011855026
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
fada4ef16159c4e4fc5a47b9b377215f1625096f49df7f74892a63e59c8ca038

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:07 GMT
Last-Modified
Sun, 30 Jan 2022 21:47:07 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1239
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937
8019191.fls.doubleclick.net/ Frame 977E
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937?
391 B
345 B
Document
General
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937?
Requested by
Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/?do=dns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
e0825928eb732ce936f063676a8bde6ec18f3a6c84e00cc28504b41343f405ee
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jan 2022 21:47:07 GMT
expires
Sun, 30 Jan 2022 21:47:07 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jan 2022 21:47:06 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900026.redintelligence.net/ Frame A955
7 KB
2 KB
Document
General
Full URL
https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=69b8081e25&subid=&uid=abb0d7fed012ea3d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfcHWgAC2ZEKsvsL2gjyvw%26mt_aid%3D2790486132685545802%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_cid%3D6ae361f7-0759-4801-9b9c-a4255d0a1d0b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCas8LWgf3Yem1BaKDxdwPq9GtUM-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU1NDM4OTk2MTc2NTkyNjbIAQmoAwGqBNABT9A8cLXgH8TSR2HL5jf0PQyg_aRghQoEmi6Q2LoZ4YWG-y_M_73UzmTYdgjvdDylrjWZlXarsZe9aKRjg_KqG-wEq09xSnqMmPr1MoyUfARZCnvFjCwja1hFUM2sEfIe4M_1dSuWHavL_Y_GZ7dI7EzmchBehJl3Qdl2_xik3J_c94fBSeDIcN3KjTN5XopP9a-8-4vcZ3wOm9XfSDgvju3gjoH0efyNqV06HdvesNItRyqZBqHPU4BR5LwynbU0S3zGYCXTAJUIvBkBBdQhmIAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0ECPW0rwz9vbcLnYtkhoD-hX2hzQ%2526client%253Dca-pub-5543899617659266%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5543899617659266%26output%3Dhtml%26h%3D90%26adk%3D2025600277%26adf%3D1655990041%26pi%3Dt.aa~a.2572183418~rp.1%26w%3D1080%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643579226%26rafmt%3D1%26to%3Dqs%26pwprc%3D7427565917%26psa%3D1%26format%3D1080x90%26url%3Dhttps%253A%252F%252Fwww.jagoanssh.com%252F%253Fdo%253Ddns%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1643579226031%26bpp%3D1%26bdt%3D2098%26idt%3D1%26shv%3Dr20220126%26mjsv%3Dm202201260401%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2bbd1114a43b817b%253AT%253D1643579224%253AS%253DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA%26prev_fmts%3D0x0%252C1200x280%252C1110x280%252C429x280%252C1200x280%26nras%3D2%26correlator%3D3569225387515%26frm%3D20%26pv%3D1%26ga_vid%3D38563035.1643579225%26ga_sid%3D1643579225%26ga_hid%3D1169998463%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D260%26ady%3D2391%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C21066433%252C31064587%252C31060032%26oid%3D2%26psts%3DAGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4%26pvsid%3D2827458361515167%26pem%3D13%26tmod%3D1941092400%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D11%26uci%3Da!b%26btvi%3D5%26fsb%3D1%26xpc%3Db9OPXdYZw1%26p%3Dhttps%253A%2F%2Fwww.jagoanssh.com%26dtd%3D14&ancestorOrigins=null&random=5103852063107&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
001e2715fd38044cebc280676c5776ff00a5352c637fde0fe3d598e3ae82b693

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Sun, 30 Jan 2022 21:47:06 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 30 Jan 2022 21:47:06 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2081
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame 04CD
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=98481800237293200951389011855026&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:06 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
iframe
sync.mathtag.com/sync/ Frame CF55
652 B
765 B
Document
General
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=6ae361f7-0759-4801-9b9c-a4255d0a1d0b&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4&gdpr=1&gdpr_consent=li
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0 /
Resource Hash
4c5325edabfb7a618fea7fb98d21d0940c941d4533c4e337923515685808a056

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Sun, 30 Jan 2022 21:47:07 GMT
Content-Type
text/html
Connection
close
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Sun, 30 Jan 2022 21:47:06 GMT
Content-Encoding
gzip
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7C6C
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sun, 30 Jan 2022 05:53:44 GMT
expires
Mon, 31 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
57202
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 04CD
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d13ac8664a2f3f61828693d4b717313a842261c427d5a5298c3c6d9ecd8a315

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
img
sync.mathtag.com/misc/ Frame 04CD
43 B
549 B
Image
General
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&gdpr=1&gdpr_consent=li&bcdv=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:07 GMT
Server
MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Sun, 30 Jan 2022 21:47:06 GMT
css
fonts.googleapis.com/ Frame A955
1 KB
419 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 20:48:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jan 2022 21:47:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jan 2022 21:47:07 GMT
/
hal9000.redintelligence.net/scale/ Frame A955
10 KB
10 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_627x627.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
dcfa3c266dc1db6bc5d452bc89db79ee64260416a21a03660d2048a2e7776f5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:07 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10406
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A955
8 KB
9 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/paninishop-fussball-627x627.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
d10c55737d31f7fe33161fc934c0272b39c013d2bb441093f70b03a364342986

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:07 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
8545
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A955
7 KB
8 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e48f566130bda8a3b3d344d365fa010b06611519a3f2d110faa73fcb506fa4d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:07 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7627
Vary
Accept-Encoding
Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 7C6C
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJGPXWoOqQZXsORHcPGMiaY&google_cver=1&google_push=AYg5qPJ2dXQrA04OJGMLESioV08VrE48HKEndABapqlO5A-Ekal0-cqO8grIsDY12UbykVgLhRPAtg430smknk1qVwuUDbsE-Jdd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 7C6C
43 B
324 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEN9b1j6nfhSE5gNBAO4olpU&google_push=AYg5qPJjLkwaBThs9Xzhy_l3Wp-JjQnblnJ9nS2fXJiIQCJX7J2k5YOlLrCMXxa5vUdNOdyWxJ_HRI-Ds5XvtH_0oiiQQpnXkdY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:07 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 7C6C
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELFuYC_R3Imrbc2uXXBA3Xo&google_cver=1&google_push=AYg5qPL9Shj5sdDRxc2AH4JPe0b1unI-MdRcuLBFT-QbSxqBSzjXS0EG_K3uBk57UFIuRLjBxPP3YhAVDaFHyXHa6siBU6ZmeCo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:06 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
e0mees3ud8n538f5e7phlg1c8vas17e5
pixel
cm.g.doubleclick.net/ Frame 7C6C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZLiQrroSQU-xrrPK76QOPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZLiQrroSQU-xrrPK76QOPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7n4MuBQtB_XflXd9fqG-V0RW6R1yrtmWwhR9X_LnFJ96vbf3KU8We1vGXYTDu7lAS3Og1gz35Cx1uZh0Qfns4yVNYvNN6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZLiQrroSQU-xrrPK76QOPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7n4MuBQtB_XflXd9fqG-V0RW6R1yrtmWwhR9X_LnFJ96vbf3KU8We1vGXYTDu7lAS3Og1gz35Cx1uZh0Qfns4yVNYvNN6
date
Sun, 30 Jan 2022 21:47:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7C6C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELWzhwyRDRCWiYGRZsyNNRY&google_cver=1&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oxU01XRk8tNi0yUjla&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli6tfu6Z4wm69PMU9g4-U8hs1s
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oxU01XRk8tNi0yUjla&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli6tfu6Z4wm69PMU9g4-U8hs1s
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oxU01XRk8tNi0yUjla&google_push=AYg5qPKw9cb5zDlKgOHCFKhc2IvMP6bT78sg8wcLU2vFJ2pOQk-XCTH9N1dqDSyjSVmmY_oXBli6tfu6Z4wm69PMU9g4-U8hs1s
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7C6C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiri...
0
0

trk
ag.innovid.com/ Frame 7C6C
43 B
296 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIO9t4wiKxqY4wVSV94cRQw&google_cver=1&google_push=AYg5qPKLz5hFQPbwqJoqaGXuZ6cqTsF_tL6x-UKYur8BasWsqBPSVXdj0nn8AkKS1zQ1-HeI2nGHMjpfeyOD8RSbu3CC-z6dETHN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:d24:9301:dd40:66a9:6fd6:5d1d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:07 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 7C6C
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lv8ELAbzlzpFDzXwsUb_5Zf29an7kp7vKL96fkYpjdqV46OLE_B79_tqUl9e_jpMm2hShs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
img
sync.mathtag.com/misc/ Frame CF55
43 B
550 B
Image
General
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&gdpr=1&gdpr_consent=li&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=6ae361f7-0759-4801-9b9c-a4255d0a1d0b&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=6ae361f7-0759-4801-9b9c-a4255d0a1d0b&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:07 GMT
Server
MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Sun, 30 Jan 2022 21:47:06 GMT
viewability
hal900026.redintelligence.net/ Frame A955
0
150 B
Script
General
Full URL
https://hal900026.redintelligence.net/viewability?s=98481800237293200951389011855026&a=72c877d2&vb=m
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=98481800237293200951389011855026&a=bde80466
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 21:47:07 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
ts.js
cdn.retailads.net/ Frame F5FA
5 KB
5 KB
Script
General
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1181067315
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
accept-ranges
bytes
etag
"14aa-5d6188919baaa"
content-length
5290
content-type
application/javascript
dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937
adservice.google.com/ddm/fls/z/ Frame 977E
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLrT79-52vUCFVz3UQodmfsCNg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7033600942995.937?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 04CD
51 KB
51 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3392365&wgcampaignid=99582&js=1&nw=1&viewref=98481800237293200951389011855026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-83.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
55881
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 30 Jan 2022 06:15:53 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
RUicN5TvFUnHwNueIFs_uURG5NjXBdIUN_hVnJ4oFSP4i6qeNg_Ssg==
link.html
track.webgains.com/ Frame 04CD
160 B
618 B
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=74897400281653900710784011855019&wglinkid=3392365
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5543899617659266&output=html&h=90&adk=2025600277&adf=1655990041&pi=t.aa~a.2572183418~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1643579226&rafmt=1&to=qs&pwprc=7427565917&psa=1&format=1080x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F%3Fdo%3Ddns&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643579226031&bpp=1&bdt=2098&idt=1&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2bbd1114a43b817b%3AT%3D1643579224%3AS%3DALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA&prev_fmts=0x0%2C1200x280%2C1110x280%2C429x280%2C1200x280&nras=2&correlator=3569225387515&frm=20&pv=1&ga_vid=38563035.1643579225&ga_sid=1643579225&ga_hid=1169998463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064587%2C31060032&oid=2&psts=AGkb-H9xvXqLeg8025EopaBVBALwScM1IHJaUo47-ayEgxDsbu3gzIhAPRumjgAbqB6ac6pHJZledY1_CT4&pvsid=2827458361515167&pem=13&tmod=1941092400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=5&fsb=1&xpc=b9OPXdYZw1&p=https%3A//www.jagoanssh.com&dtd=14
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jan 2022 21:47:07 GMT
Last-Modified
Sun, 30 Jan 2022 21:47:07 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
160
Expires
Mon, 26 Jul 1997 05:00:00 GMT
eht.js
fundingchoicesmessages.google.com/f/AGSKWxWYUgB3m2u_JpCMCXWCfOWJ3OTpXY7GUc_OOqXbPciimFdz95VA4tcZ44A1QeScWvJu1eJtw9BmsLqlNqO5mKOx23RELzpZf8WWZy3Poj7IaksTSBg98z_a5hbHs-Tbdv5iy6ovryfUSkKZ6E58sEw681gxB...
54 B
107 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWYUgB3m2u_JpCMCXWCfOWJ3OTpXY7GUc_OOqXbPciimFdz95VA4tcZ44A1QeScWvJu1eJtw9BmsLqlNqO5mKOx23RELzpZf8WWZy3Poj7IaksTSBg98z_a5hbHs-Tbdv5iy6ovryfUSkKZ6E58sEw681gxBgFBLQWa1g-LJHT9q2N8hh70aYM-TUoZav2pFFZTl8vFTu1O3WlfN5KE7G1I5WADE081q_RQ3baSM5f10Hw=/_/ad_parts./glam728./admatch-/eht.js?site__assets/ads/
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
186da89d4e3a4c2e666054bde2c9b9684451afba0d22499b7c46ff05b2b71c5c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ofoWjv3E3Ftj3Z3/yccUzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ofoWjv3E3Ftj3Z3/yccUzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-ofoWjv3E3Ftj3Z3/yccUzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ofoWjv3E3Ftj3Z3/yccUzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/
59 KB
22 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d314ac02b2152fc1fe7e334c28b0968c7136c3f96c98bb7a846e4e1ede68b76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:24:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1380
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22887
x-xss-protection
0
server
cafe
etag
17106819053595883683
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 30 Jan 2022 22:24:07 GMT
AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D
fundingchoicesmessages.google.com/el/
0
25 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R9BSTZFmMDoil497DMZiJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-R9BSTZFmMDoil497DMZiJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jagoanssh.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.jagoanssh.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-R9BSTZFmMDoil497DMZiJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-R9BSTZFmMDoil497DMZiJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame F971
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://googleads.g.doubleclick.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D
fundingchoicesmessages.google.com/el/
0
25 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oVU3g1/nv/mURYJ5qJwHiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oVU3g1/nv/mURYJ5qJwHiw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jagoanssh.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.jagoanssh.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oVU3g1/nv/mURYJ5qJwHiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oVU3g1/nv/mURYJ5qJwHiw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 01AC
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hal900013.redintelligence.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hal900013.redintelligence.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D
fundingchoicesmessages.google.com/el/
0
25 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yvm+/gQYO5w2vL4iGRXrjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-yvm+/gQYO5w2vL4iGRXrjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jagoanssh.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.jagoanssh.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-yvm+/gQYO5w2vL4iGRXrjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-yvm+/gQYO5w2vL4iGRXrjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU0Bb2-Y9FkHbaRUQUkGRDvJ0Z-EZHLCtpLF0ahhSHkyIfakenOVmSUdMw8fgXXvvz6NDrIKdyWaAD6sCKhewTm-RtOrzG7SfjqGimUYDEKDgtahFfqhMacpd2tuDlQYYBIRZe84HtX8ynVsbLXu5qJW8e0vzxbkib5VRx6a8-l-URd6s1tiLgSTbGq
fundingchoicesmessages.google.com/f/
38 KB
14 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU0Bb2-Y9FkHbaRUQUkGRDvJ0Z-EZHLCtpLF0ahhSHkyIfakenOVmSUdMw8fgXXvvz6NDrIKdyWaAD6sCKhewTm-RtOrzG7SfjqGimUYDEKDgtahFfqhMacpd2tuDlQYYBIRZe84HtX8ynVsbLXu5qJW8e0vzxbkib5VRx6a8-l-URd6s1tiLgSTbGq?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNTc5MjI3LDYxMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmphZ29hbnNzaC5jb20vIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ceffe7f8dc8dadd003d2f363f5a0717ed4cab85afd5c23aa6f3397f51dc4769
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6xazOf79RL+zLzhpdgHtaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-6xazOf79RL+zLzhpdgHtaQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.jagoanssh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-6xazOf79RL+zLzhpdgHtaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-6xazOf79RL+zLzhpdgHtaQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D
fundingchoicesmessages.google.com/el/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXXDhUkmNS8fI2GKLhIYNSe2Uk1jpAL8reHTq6bM49_S-HH-nrfmXoHEQpUYZWYUiLCcSzkcqLbiVRQgU4UhHwDlT0_8enF_ZaYwQ858GJ1e_lLGxkSWva_XJOWh_UE4YEfK7OD8Pt-9u5nZUs5plCYvKdg-nmPX78QwZL-IS6eEDJjBwFVsFlaBH0D
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kk9TRl4MpvhsQoMOeVERUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-kk9TRl4MpvhsQoMOeVERUA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jagoanssh.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.jagoanssh.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kk9TRl4MpvhsQoMOeVERUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-kk9TRl4MpvhsQoMOeVERUA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kz1smwgp&ctx=0&met.9=1.13r~13.16i~2.18s
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.jagoanssh.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 21:47:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUdOPMTDg0XEeBVwAobiXjjXcmgkCf-QmI94RKjjyv-g_P8AQbqeRHDheJGxRDL3gx83-ZQVkfMocUzI7kbQW-Ln35fgH8YYIDP00PYRRgxl7TQYyglSWryn9SJLipeu_PCMMPhmV0YBbLJdpSsLRfLDIipcl0HVtCgNmkrgUOM9ItQ2ksuf1LkIU12
fundingchoicesmessages.google.com/el/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUdOPMTDg0XEeBVwAobiXjjXcmgkCf-QmI94RKjjyv-g_P8AQbqeRHDheJGxRDL3gx83-ZQVkfMocUzI7kbQW-Ln35fgH8YYIDP00PYRRgxl7TQYyglSWryn9SJLipeu_PCMMPhmV0YBbLJdpSsLRfLDIipcl0HVtCgNmkrgUOM9ItQ2ksuf1LkIU12
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.bSHIkdPkz40.es5.O/d=1/rs=AJlcJMwk2gtA0qlnSZ9u1A3zP91R6GbHNw/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-94cNh+hwVNoDp25+jbOudw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-94cNh+hwVNoDp25+jbOudw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jagoanssh.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.jagoanssh.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-94cNh+hwVNoDp25+jbOudw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-94cNh+hwVNoDp25+jbOudw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 04CD
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://googleads.g.doubleclick.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 30 Jan 2022 21:47:07 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| __CF$cv$params object| __cfQR object| __cfBeacon function| __cf_worker_run_after_load function| __cf_run_after_load string| GoogleAnalyticsObject function| ga object| googletag object| adsbygoogle number| x function| f object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| google_user_agent_client_hint object| cookieconsent function| $ function| jQuery function| Stellar object| jQuery1124003495210224053391 function| Waypoint object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| googleToken object| googleIMState function| processGoogleToken function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| recaptcha function| WOW function| closeAds function| downloadJSAtOnload boolean| __cfRLUnblockHandlers object| closure_lm_503268 object| Arlina object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| YWIyMzg1Mzc1NTk4MTIxZWxvYWRlcl9qcw== string| YWIyMzg1Mzc1NTk4MTIxZWNhY2hlZF9qcw== string| __fcexpdef object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| default_ContributorIabCcpaWebSignalJs function| __djmt020195__ object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| google_llp boolean| 72b21fc6-b7c4-4cac-b148-708e73090767 object| _google_rum_ns_ undefined| google_rum_values object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__

34 Cookies

Domain/Path Name / Value
www.jagoanssh.com/ Name: PHPSESSID
Value: o7hkp009jp2ujdi55q4p7qamj6
.jagoanssh.com/ Name: _ga
Value: GA1.2.38563035.1643579225
.jagoanssh.com/ Name: _gid
Value: GA1.2.2020073826.1643579225
.jagoanssh.com/ Name: _gat
Value: 1
.jagoanssh.com/ Name: __cf_bm
Value: CLEvSZjFlpsP4_ip1ELxtKaogrP1QhAbbBF0SX4Dfak-1643579225-0-AX2VqDuBZJoPYRRJJUbc3RIrjzkcBkIpeCqwvG0R9zNM1YKEvEM6gyAtfKNUFxqc8rXxkjjCWqZjuTtZhPU5UKglGJMSxWElEW9Q7WQ3ZCBBgcZXAxxh3f9EbH1kjj25kw==
.casalemedia.com/ Name: CMPS
Value: 3267
.casalemedia.com/ Name: CMID
Value: YfcHWTFfNurtjbe-4o1kHAAA
.casalemedia.com/ Name: CMPRO
Value: 1179
.doubleclick.net/ Name: IDE
Value: AHWqTUkFiilrsC5Li2DEtyH67641QvAMoy1o411KntkinUOXhxZa57Beh6iZ3Yml74I
.jagoanssh.com/ Name: __gads
Value: ID=2bbd1114a43b817b:T=1643579224:S=ALNI_Mapfy1DqIx8hFCE7BnF3sJ_fS3bOA
.adnxs.com/ Name: uuid2
Value: 3325251222301129800
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU!r_1--!]tbPl1M>e)ZlrFUfJ+tGXxp?LY]-<^%8#EExLW:Z4KT5E_5$sOyyxM7<ny1%nugO%v4VB%nm)z)lQf!
.mathtag.com/ Name: uuid
Value: 6ae361f7-0759-4801-9b9c-a4255d0a1d0b
.casalemedia.com/ Name: CMRUM3
Value: 2d61f707592760CAESEB-Ln0m9NpVD1dTcAdoImP4
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: c57bfbe3e363bdff
.awin1.com/ Name: awpv11830
Value: 296283|1643579226|2aecdbe0-8216-11ec-983c-2238a966fab2
.yahoo.com/ Name: A3
Value: d=AQABBFoH92ECECYXHCY3l7R_WIzwh64FUPIFEgEBAQFY-GEAYgAAAAAA_eMAAA&S=AQAAAuaRfhhnnfe1mOu6yf6dijs
.turn.com/ Name: uid
Value: 3357356878576917259
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~22yl
.lijit.com/ Name: ljt_reader
Value: 4c1a1832a5f6f85bce99e99d
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1643579226812,"clickCookie":false}}
.awin1.com/ Name: awpv14098
Value: 296283|1643579226|2b58bd10-8216-11ec-983c-2238a966fab2
.awin1.com/ Name: AWSESS
Value: 379097:2519595
.retailads.net/ Name: ppb2172
Value: 1181067315
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.quantserve.com/ Name: d
Value: EBQBCQGpJYEA
.quantserve.com/ Name: mc
Value: 61f7075b-0d6b2-99ed0-ac154
.futalis.de/ Name: raSIDb
Value: 1181067315
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 64B890AE-BA12-414F-B1AE-B3CAEFA40E3C
.casalemedia.com/ Name: CMST
Value: YfcHWWH3B1sA
.jagoanssh.com/ Name: FCNEC
Value: [["AKsRol_GiIHDl5lVMvEGNIXaEb7-TQEBFxh6BO7VT7qz7G7FNgpYNvqAUNhjcbhCyf9gaaiwltqfyjjPj0moLPjcw-ux24-mwQbSKMawrJeXI0YzS3UD3ETEBot_I4kY_otYxejXrcr2YltoysY2ldGrjVgY2vbnTw=="],null,[]]
.innovid.com/ Name: uuid
Value: ab36222e-9257-4c71-b939-bd188dfec0c9-20220130 16:47:07
.doubleclick.net/ Name: DSID
Value: NO_DATA

3 Console Messages

Source Level URL
Text
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF7EbFNbrLNOOKIlp-bIXRg&google_cver=1&google_push=AYg5qPLaBLEf5esN0543EqZUSGyrq528PDmw3aWWeF3iqb_A81Gnm7UMMUbi1j3S0UoQCtva9QVzdMvbMhKrnbpJyIJyYpfEP2U
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJQ102wZhRFclccM35uD7Ia0ePTG8QBpqB61m0xgm-jBiDhwGy0vDcgTDSJqCLePyoTMO3EwMtTN1hu_6ZOWdcPcAFWqVpI
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfcHWTFfNurtjbe_4o1kHAAABJsAAAIB&google_push=AYg5qPLEzt4u7Qz5KCfaEXUis-Ln0xBxqk5fFyU1tGY-O9s8g5mRPTKzhAxvT-PhcB7BJGYQJlvFQJyLxsYlkhxiriAxdYEt-WUj&google_gid=CAESEPfEByzrcksxto4eQaRGrHg&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
ad.turn.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ag.innovid.com
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
cdn.jsdelivr.net
cdn.retailads.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dsum-sec.casalemedia.com
efe942c455fffafdc7ae55ee9ca7de14.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
futalis.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900013.redintelligence.net
hal90002.redintelligence.net
hal900026.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.rubiconproject.com
r.turn.com
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.cloudflareinsights.com
sync-tm.everesttech.net
sync.mathtag.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
ups.analytics.yahoo.com
webdns.eu.org
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.jagoanssh.com
cm.g.doubleclick.net
104.92.94.3
116.202.48.214
13.224.96.83
138.201.84.244
142.250.184.194
142.250.185.194
142.250.185.198
142.250.186.34
151.101.194.49
167.233.14.134
18.156.0.31
185.29.132.246
185.29.134.248
185.33.221.89
185.64.190.78
199.187.193.181
2.18.233.201
2.20.157.55
2001:678:cb4:bbbb::11
2600:1f14:d24:9301:dd40:66a9:6fd6:5d1d
2606:4700:3031::6815:5f9c
2606:4700:3033::6815:4859
2606:4700::6810:5914
2606:4700::6810:5f41
2607:f8b0:4007:809::2003
2620:112:f006:bbbb::12
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::200a
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a01:4f8:d0a:2321::2
2a0b:4d07:101::1
34.98.67.61
35.227.252.103
46.236.13.147
46.4.10.47
51.89.9.252
54.72.0.164
72.251.249.13
8.39.36.141
88.99.219.174
001e2715fd38044cebc280676c5776ff00a5352c637fde0fe3d598e3ae82b693
0038aa9ed4d1e13c44aa42702a80f572db33ce03089a82b32c60c0a3b446a881
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
07c1a4ddc1ca58f5ea6870d7d12ea467068c57338ef4b40ea2e9169622c77272
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
090dbba0b9af117640d424eccbf3fcaf3cee51f16dfe2fe1b630801284194c67
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
098bba5625937d07d651f3e13ba23aa1696bb92252b69e3f5a16a5b69800b0fa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cba6f9d9f0662efd4e460250bc5293950da78a309ed9a6c80659ade743f6e0f
0ceffe7f8dc8dadd003d2f363f5a0717ed4cab85afd5c23aa6f3397f51dc4769
0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e
0ebfc313a59d63927ed3d9c43d2210ff5594f2cbaf95137faf804b139b343bb7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
15b7f575ef8013b341a44f81bfde1121e34cc31ce82217380e34f3cde0cd04ae
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186da89d4e3a4c2e666054bde2c9b9684451afba0d22499b7c46ff05b2b71c5c
1af0bdf0a98fd7013d9cb5e587f6634341a8254511efadd771d0ed4a8cf7a813
1b4c7b236abbcddeddfe06ffef4146600d8437a6168ecc6d94aa7130bc658381
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c02a93417c62551493ed97235c99ef7b6ebd49f04e97005be613fdccfd98294
1c8dfc5e67b17f50316f8c627d2011d95a83b834c53681e9be10dd665424fd05
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d1aaffff8c70f7fa910784f6da780b400bf1ce37123186c01bf2cf251b89743
1d7391a8f93ff6e63fe238c1dfd7bb919404698e85e7de72534821cd91b0ff49
20d2b7472f76c7831a98ccbc252db65d4491a6c29e58d24d0c250c49cf91ed56
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
222c42671cdedbe826aaf231f6b1119d9d49adff13100d82c2cc297d086ca12f
256ab45e72d00811a252550bde3f17d2818b72e8fa2839b53c220ff8244cd6b7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28b06e0d559619508a6177a8e15e9b280c75fe70f53f0205a23ffcd5c05529a6
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c80429c52cd9db6bc35484ca9251b5717b93e77249d12d14b3d9d1d691756ed
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d13ac8664a2f3f61828693d4b717313a842261c427d5a5298c3c6d9ecd8a315
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
325715991e5065756a482444881c499f0e8bf48900416032b0cd1c793ad3cbd9
34a9266d3a2bff74d6b3233721767543fd0e57f4835cee714ea892f5497196cc
34ef825d1200a7fd65de67bd50216e4564db7344dd4c78fa7b53fbdd756c432f
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
416a4175b9e9a2cd86f7ce7276d53521204b552c560aef704ee612daf654ee5e
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
455af23717de3e11bceb3a34d2f34b9084f88c31533feb1c9b515ae79beb9424
47d2624e2edaac119158393b2705a224f485012a3ef6584cbf217f2d5bf60e70
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a3b01ac23a5794bf248c90d09d856bf0dbb3a9998f759280ae59ea73365f612
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b94183936f0779be9ebb031e139280604f6ec14768e1660ee8b45eef5d111d8
4c5325edabfb7a618fea7fb98d21d0940c941d4533c4e337923515685808a056
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f34dce1876f1252e49d0879d89279114caaa052e95b35315f264b632b1fcd0b
4fefc8f3269d15253364ace26d45d4946773d435a6f0bab3e5890b91c3cd7f58
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505832b0febadaa67469fbab3c0c6b2878db701cad5305689276528b349d0070
511543d9bdbb348ca15de71f0e2a6848c97d7620c4357543f24c923b0fab80fe
5442363bd6ec5eeaf3879064e39174d75d0daff3314700a316d1833b68c10dfd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cf12758deb08a462fdf37940746b9cd2cd2b4cb6464852f6c89af4107d872be
5e2bf5ae096cf3c9b078b3a3360931d86a33c7eb8e7897cb14e7f4b5e2188b4d
5eb31c1817c870043538269a7e2d0c6dd483fb5c6a743e81edf46e0cb09cc38a
5f93f0286980feac0bb1912db6302af4e359eb243107bd2695ba94135a4989bf
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61689f3f8cb81a680436abea2be12be3d73e9ecd33e6b281dfb9a4600e11aead
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66f813da14d17d7228fde504ae1e7f073d14876cd92f51abd3d8fe4cc5edf5bd
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0
6c55b098ddb1750a3a50709e64c3ff3adbd41597a1174b75f9dc0a6636227cac
6d17c191e5863bebf998cf621ba7ca1738a59ef7ea3db73a423c4a94b3e51f09
6d314ac02b2152fc1fe7e334c28b0968c7136c3f96c98bb7a846e4e1ede68b76
6d76008b112ea700919e9ec1ef978f6c4a8d7e94ccf4594920486625d6f36486
6de40905de741f102a7901a3e62cfbd9424555aa62d247ad8d68ec266d5dd92a
6fa82c9b5a2c86dbc50c757299b8afa6bdbc839e83501cac455f04195af74cb1
710a975426a0027b34f7cc6501a72c190d7480befae89d4afa69115ed8be93a7
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
7339a6b01e1dacaab8094bf1b1fc3edb7beda9bf32124a95c54534444f3c0caf
739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7
74ff9418c9cefe00d5c008ee0daed56389be2476f26a462ae27af671b2b5029b
751af7d272f028613431e3417b6ad1d44e8bd2b10c5c1f601122d1edf058262d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b1b9bb1655d869d3f665f031438d85870594ead470e527bf521660607c6580a
7c22b29ea6850ba0926ba3222b8bad1bfff9cccc30185ab5ec9e676125efdf34
8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e
8354ab5571ba5f27d4b26096f201e86426cb1365b53fd80fb6e91bed791dc9f2
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
85f93f61aafab804a71f970e99ce3b0b13ab4f5c53c1b152535bda6fc00850c8
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
879644896c5fdb364366c5efbf1cb7981527397b0f1455ae7fc4231b3c7061a7
8a26386fd133ed4f61924e6a17ff50a5cfa30a23dab6352d2e76cd8f615db0c9
8ca97650cc0f2d29d0b600f88adbda5fadb53f1126feb541913fd630dd67f44e
8ce776f6eec4192fffefc170c47a6b8de020e4804e884e71eca7ae9ea6072a3e
90c5e879a6bb719bd591edb94ed0a04539f91b5055a274575a38f7e14fb776d9
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d80fa44808b9011edded6804b3450868a7cb22add2cb7980c09e5bc903caf60
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0489701e93e6bc91552e355d841871d22adfcecd62abcc683a04fcab616dc5f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac34d7b2da7b6bb92d6a8cdd6a8708bc271fa7739947be98c9a7ceb55c424acf
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
aeead43a5572e3543fa56e7cd441f9ac5360c435360d7b951042ef75dfaee72b
af4e4e95ec92a7f33674fa60611f2d96e9c9aeafa9828076739bf20d08afac95
afb5c7e879c7eff34e6754095ac2607b1c7ede57ff77bee0f2a8e2eb26153b36
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34018b7febe19cb767cdfad90d7ef38458a38780ef8fa76c8a5162edf31b072
b8314d8688065526d4f5842b7a571cb34a685331c7c75b2159fa60bc1657445d
b9c59ad15fb8a4c919e6f16557d181e93eeb3210498495e8b6b345e0dd043ba1
bc531fa86bea442e30fdc7d547dd2e8f795c30a6366630e025fe9baaba2bb74d
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c06a882621fd2557172ac1c9e65e2487e6c4b0ed9c9658472911b347451b82fb
c420977971d8a84ba0a82893c3eb118389dee67767141ac81cef22837dd51276
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c4a0b5bdf6777c0df8e6c3c4c4ea50b1b4f69c218bdb0e9319dcd61f66b2e4b1
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ccbb07d96140c7b362a7354521f1b4df71f3eb6160ee83616a97bcc8d5be711e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cdbe1ef58468076aede420dea4b2fccbd9cb4e86cc1517d4b52db96f10b174e5
cee9118aab4a91f88c194ade05a1b2be68b66b2ce2dcc2cb5ca081ad39269ad0
d10c55737d31f7fe33161fc934c0272b39c013d2bb441093f70b03a364342986
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1dc026afdd8a9e5885ad5f6c3ad2d233358f4490d02b26567dbaa6d609f5963
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7db523878d8545d790ba921ace451f96ac60cd946cd8770d37012a116cc3e8e
dcfa3c266dc1db6bc5d452bc89db79ee64260416a21a03660d2048a2e7776f5b
e037b3c7b7441f8d0999a402e6d6c55679a29b1ed0be4c89ea44e46a698fc53e
e0825928eb732ce936f063676a8bde6ec18f3a6c84e00cc28504b41343f405ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48f566130bda8a3b3d344d365fa010b06611519a3f2d110faa73fcb506fa4d8
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e76ce1a225599c0b17c4a4c4b3b49bb0afdaa2b7e0bc7581ec5b9f524c8c5857
e7cf828a42f0727b31e76594e2ccbc4ff96963dbf366c5f11fcbade5218ba87c
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
edea4757f61c1a939af7dbe2a2c9cee16982c870a7ffe110948ae01503a7150b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dc407a28b9bc6862935d61896359353389c2c207b30d4d915b03e870d56ef8
f17d4f9759d02cdcdba50495a874d33b5e9f15ab2decb05b9343d4d3357f9457
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f2152b36944f90f3c925c0d1eff7c1d061ac52acc8b4a26691766e27d0b59138
f22f65bc2bc02fa5f8875914362ed1f17a464e7d1346fcbdea88d694c06158c7
f319c6a215938206737158adb32e9e89e978502432416a5237c7e0ee4a3ba3ca
f46c13313e4835d59e0e9bf14076cefe63b6614b96c468fc6c0cfc190b81474a
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fada4ef16159c4e4fc5a47b9b377215f1625096f49df7f74892a63e59c8ca038
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fdb888f1c9732cddf69c51e3b98306455a2e2aba3cb279c6ad28e6cd9ead756c
fe2026897e9821c921336dd6142e512eecd6a61efb6087bc23e37534299f0925