giftcard.jaknet.my.id Open in urlscan Pro
2606:4700:3034::6815:2a74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://l.ead.me/signin-unsual-activity-to-venmo-caseid-gothckd
Effective URL:
https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Submission: On July 24 via manual (July 24th 2022, 8:34:48 pm UTC) from US — Scanned from DE

Summary HTTP 127 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 15 domains to perform 127 HTTP transactions. The main IP is 2606:4700:3034::6815:2a74, located in United States and belongs to CLOUDFLARENET, US. The main domain is giftcard.jaknet.my.id. The Cisco Umbrella rank of the primary domain is 986671.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 4th 2021. Valid for: a year.

This is the only time giftcard.jaknet.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.66.122.9 18.66.122.9	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700:303... 2606:4700:3034::6815:2a74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
17	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:206... 2600:9000:206f:3a00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
9	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	2a00:1450:401... 2a00:1450:4014:80f::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
127	23

1 18.66.122.9 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-9.fra60.r.cloudfront.net

l.ead.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3034::6815:2a74 (United States)

ASN13335 (CLOUDFLARENET, US)

giftcard.jaknet.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.0.58 (Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:3a00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4014:80f::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	730 KB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 615 pix.eu.criteo.net — Cisco Umbrella Rank: 7179 csm.eu.criteo.net — Cisco Umbrella Rank: 7348	29 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	144 KB
11	jaknet.my.id giftcard.jaknet.my.id — Cisco Umbrella Rank: 986671	266 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	181 KB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 372	129 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	4 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	170 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13433 ads.eu.criteo.com — Cisco Umbrella Rank: 7319 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9222	60 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8252	914 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 16862 s4.histats.com — Cisco Umbrella Rank: 14287	5 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1409	688 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	476 B
1	ead.me 1 redirects l.ead.me — Cisco Umbrella Rank: 192853	369 B
127	15

	Domain	Requested by
28	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com cdn.ampproject.org pagead2.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	giftcard.jaknet.my.id pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	giftcard.jaknet.my.id	giftcard.jaknet.my.id pagead2.googlesyndication.com
9	pix.eu.criteo.net	ads.eu.criteo.com
8	cdn.ampproject.org	giftcard.jaknet.my.id pagead2.googlesyndication.com
7	static.criteo.net	ads.eu.criteo.com
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	giftcard.jaknet.my.id googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	giftcard.jaknet.my.id
1	l.ead.me	1 redirects
127	23

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.idtheme.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-04` - `2022-09-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
histats.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-22` - `2022-10-19`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Frame ID: DC61D5A0B9838C6915794910223D3903
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html
Frame ID: 3A5A220A9722AFF0EF507A69A4E5CAF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&adk=1812271804&adf=3025194257&lmt=1658694883&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883331&bpp=2&bdt=289&idt=162&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2163749371556&frm=20&pv=2&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=175
Frame ID: 9927D411164543B34397E7CC48B2F623
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192
Frame ID: E00FA6F7AD4282C09FCDB494080C1464
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=1815089948&adf=1961598617&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883335&bpp=1&bdt=293&idt=203&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5BCIgE3tHB&p=https%3A//giftcard.jaknet.my.id&dtd=206
Frame ID: F07EFA73583600455983BB91DEACEB5A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=600&slotname=4676194412&adk=1736401022&adf=2752746037&pi=t.ma~as.4676194412&w=300&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883336&bpp=1&bdt=294&idt=210&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280%2C630x280&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=L5oZ7FSjnU&p=https%3A//giftcard.jaknet.my.id&dtd=213
Frame ID: 63045566BB8609549C5624AFA1AED299
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt2s4wAIy2kIu_0XAAHgMjJ2Jui838YJOpOzBA&u=%7CgzHhJNiRFq6toHwPiVvjbKQ3UAvM3O%2BEK2BSqg6NYZ4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wLTpXL8hGfLi7AUUMURPUCbWEjGuwfa2eVlGRlw_W1uOOrIaafAxthSkJqe80v6n9vM_pkU6uMz-2cnO1dJxWssx92Zb9oBMOMM3EoSuWfvdeKY6B7STpIcq0NdKcVgBtOWfNtlBOa9HeaRToS8c2I0ju1TRNHpuYSM4-yMSO3bAOSwWpQ-ooWasrJmpBw2OQoT0QBSCakx8MgJAw3QiKjjjNM2l6aDm3bW8oUtXDN4ckFwHwBBKcggvec-C3b98XBK7dKCJoGsB2iCMSiFz4d8TBOa2DtedMZBd7K-EmCdSF2QiitbJXgATZO0KwuxvVY4qhOP1tyOCADgCldwnmDM2U_fSRFm81qtMniYr97MKTQ3TCvEdYGFlvCzJTpCuPzAtB92Ejj-kmMZN84sLuQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcjHt46zdYumWI5f67_UPssCHkALJntKxXPXqoYaIAcCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0zMDg1NDU2ODA3NTA0NDkyoAHVttLqA8gBCakCXCwWm2wisT6oAwGqBIoCT9B_l-14-5IIFBNA6PGs4btadGv7AXtpjOKBVD-ikq1CpMGm1YTDii9AmXR8MMYHeXuzT3s58KK0Wlf8ub9p6TEt3rgZmSwWjGhx1iIt0NyOXFa9a-_71DyWg4VnG_E7AL3-slgWN_TdyfRvidnUw1zJNIx9xVHTqLwkIRZtN-JudfV9rCgl5_a2mRS5LACPmDaqYTiRwnrkHZtclhjwVjZEPiAdosD-sOAWdl3fGj2DpPxebIuzTayvdkweb3vl9qIhACr0d17lAP29I3XbO5al61lwcGIGkbCjE0OLXz0CnKE1J22fuvF3Akg4bm8LgAN76cTWu1BClEQZpL5ejtEH20mhWNfqNZGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m-gAGamO6G6q1elYjE3QouIxQXg%26client%3Dca-pub-3085456807504492%26adurl%3D
Frame ID: 4886C7551ED1C696DBE093649F0DCC9F
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html
Frame ID: 1022DEC1283B73015782277DF42D465C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3023182EAB3AF89772BEEBAAEF57F08D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Frame ID: FB5D245CFB28FC9F10E575EC10D7614E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Frame ID: 37ED2E1EE2A9075BDA1D72087313C6D4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207071723000/amp4ads-v0.mjs
Frame ID: E1D03AB5A89287403FF9FB96697FFB44
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500
Frame ID: 24027F7E909A1D18AC7B50B20BE54D14
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js
Frame ID: 4413424878B8FE12F458DEEC9158CE81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F6D565A5B22C970D1A07DDE9D70A3650
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js
Frame ID: C6DA9A5858D5CF02C29AA687BD07D9BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8D5BB3A54969DAD5697FD8F6DF2CF50
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9513F6204063162B7E586B9CCCD0900
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Venmo Account Got Hacked? Here Are the Steps To Take – Gift Card

Page URL History Show full URLs

https://l.ead.me/signin-unsual-activity-to-venmo-caseid-gothckd HTTP 302
https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

127
Requests

100 %
HTTPS

70 %
IPv6

15
Domains

23
Subdomains

23
IPs

5
Countries

1720 kB
Transfer

3903 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://www.idtheme.com/superfast/
Title: Theme: Superfast

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://l.ead.me/signin-unsual-activity-to-venmo-caseid-gothckd HTTP 302
https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

127 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Redirect Chain

https://l.ead.me/signin-unsual-activity-to-venmo-caseid-gothckd
https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

38 KB
9 KB

1360ms
1073ms

Document
text/html

2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded71eb769791ae8a7580cddd2d943f3d3c0f4fe86a192f1b9943d816d29ed1b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72ff702439bd901c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 20:34:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://giftcard.jaknet.my.id/wp-json/>; rel="https://api.w.org/", <https://giftcard.jaknet.my.id/wp-json/wp/v2/posts/141>; rel="alternate"; type="application/json", <https://giftcard.jaknet.my.id/?p=141>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LJaVc49jFLu4tBb2FEyqEo6QrxGqL2nOsNqoDCW13CScNe%2FMI6vc%2BVQGCEJZ%2BbUDnrMN5OnlhI8m0EjKhn3x2LT3eM%2FX4hpVyh4Zrtgo3uKXmNNZYqff8Cw7rFOFvVnTO41WwSPavKY6DhHSHddYeknYwY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-pingback: https://giftcard.jaknet.my.id/xmlrpc.php

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 20:34:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
pragma: no-cache
server: nginx
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-amz-cf-id: EpWCkRXPzXkHrbWVJ1jfAaCf-xZ7UpqvS7qFaIsKQDaoSxDFFIXPLA==
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront

GET
H2 200 style.min.css
giftcard.jaknet.my.id/wp-includes/css/dist/block-library/ 87 KB
12 KB 35ms
30ms Stylesheet
text/css 2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giftcard.jaknet.my.id/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by: Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Jul 2022 00:35:48 GMT
server: cloudflare
age: 5151
etag: W/"15b64-5e3a4f76fb9ca-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgRoHm2Qftz32dSbb9MH5mC0NS6lPMlaoT5eLW1zO%2FdXpGgpZHnmG4SvkQlw9NqeYpE5B6v83pLArBM5KQwL1GL1qlUIfIz0qNRE2KMevCK07Indr5PSNvXZciB70x3JVSiCuXlyY20qls4a9vHrJjXh8mw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72ff702b2aab901c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 crawlomatic-thumbnail.css
giftcard.jaknet.my.id/wp-content/plugins/crawlomatic-multipage-scraper-post-generator/styles/ 2 KB
843 B 32ms
28ms Stylesheet
text/css 2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giftcard.jaknet.my.id/wp-content/plugins/crawlomatic-multipage-scraper-post-generator/styles/crawlomatic-thumbnail.css?ver=6.0.1
Requested by: Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b6fba32de585222e313609ae1e6a9556aa2101a0d08ebcae3b9597b7769ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5151
cf-polished: origSize=2115
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 24 Jul 2022 17:47:20 GMT
server: cloudflare
etag: W/"843-5e490a8b07e40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtqzPDMabu2RTG6Zvo%2B1PEOr5jDS0aVsrVg%2FRHEgWUz%2Fz3v85UZFT4QSy5GYVPT6DmnzpqIZltrseRX%2FwE1HD9NFLmpeLHjuadXQ90ijorx0nGhsRo3BtAVbTm9MXD%2FwY6tQk%2BvMYgQNoS0%2BH3F7530s44c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 72ff702b2aac901c-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 86ms
31ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.8

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d6b4e3715b628457d40f2bf6e62b661d2bb36d85296d08a0bca4858dd617f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 20:19:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 20:34:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 20:34:43 GMT

GET
H2 200 style-nonamp.css
giftcard.jaknet.my.id/wp-content/themes/superfast/ 56 KB
12 KB 34ms
31ms Stylesheet
text/css 2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giftcard.jaknet.my.id/wp-content/themes/superfast/style-nonamp.css?ver=2.0.8
Requested by: Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d52a9a00b82c8a2eb79d9d257947bc55a7d5e4e5eed92d2ea0d51dbb91c8f1f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2539
cf-polished: origSize=67539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 05:54:27 GMT
server: cloudflare
etag: W/"107d3-5e31c9a11cac0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XmcRXlWlHwTx5Mdf3H%2B%2FdZbQIPAMVE%2FOCfey50UgW9hhdSQKSvg481U7%2FelbdAIHw8DIZ%2FF%2BhbBsuLXTVX7%2BJFSXKlScq8Z4gn6rHorv4vP2tahApdY8H5MBDTjwemCp9tZRr6D2Rw%2Bt4wPhQTW9BDHPhs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 72ff702b2aad901c-FRA
cf-bgj: minify

GET
H2 200 style.css
giftcard.jaknet.my.id/wp-content/themes/superfast/ 0
342 B 32ms
30ms Stylesheet
text/css 2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giftcard.jaknet.my.id/wp-content/themes/superfast/style.css?ver=2.0.8
Requested by: Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5151
cf-polished: origSize=684
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Wed, 06 Jul 2022 05:54:27 GMT
server: cloudflare
etag: "2ac-5e31c9a11cac0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6Kw4%2BqZAWGj1CPCq29Td0PKSip7V%2F2FsSGYFCCu1B0pGm%2FLl4QeXLpVklX7pL8Cq4I4tW%2FFGR3HpwIrm6%2F9FowC2a%2BvcQWl4Gmh2NFtgIHyYPwX1ej%2FlmxdOdk9T1gxKaUeYpnJJ5MMO9%2BzXU4P5ley72Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72ff702b2ab0901c-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 107ms
48ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3085456807504492

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f30f1064af36184106b5d6e0a09c7a1ecb76b22e0ba2a2306a3fc4f749ae88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giftcard.jaknet.my.id/
Origin: https://giftcard.jaknet.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56679
x-xss-protection: 0
server: cafe
etag: 9852410936321966592
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 20:34:43 GMT

GET
H3 200 venmo.png
giftcard.jaknet.my.id/wp-content/uploads/2022/07/ 142 KB
143 KB 33ms
33ms Image
image/png 2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://giftcard.jaknet.my.id/wp-content/uploads/2022/07/venmo.png
Requested by: Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db65806f2e4df171627e1bd6575e1a61e0da7d1852aa5c2aae5c425a41f1020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5150
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 145646
last-modified: Fri, 22 Jul 2022 16:54:24 GMT
server: cloudflare
etag: "238ee-5e467afbd1e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa5JnEkY7ntGf5t9B68MiJ5BoU910miYM%2BNbmRkzz5K6w6B2A18E0Mz1cEde%2BMmjcwHS7V6zOsla1ZYoGiH9KmzIZ4729TrYHYzvLEc1v3tkwGJt6MyyHmfIe%2B1OgnSemSoQVxICjbICxNPjcQvWiGwf4AM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72ff702baac0bbec-FRA

GET
H3 200 customscript.js Show response
giftcard.jaknet.my.id/wp-content/themes/superfast/js/ 11 KB
4 KB 32ms
32ms Script
application/javascript 2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giftcard.jaknet.my.id/wp-content/themes/superfast/js/customscript.js?ver=2.0.8
Requested by: Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049f73fcbfcb0f2db50d333edcdebb1a321b07d276b39dff10cc1f0c641d023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5150
cf-polished: origSize=12480
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 05:54:27 GMT
server: cloudflare
etag: W/"30c0-5e31c9a11cac0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4OrvBI91xOfPV%2BrKqC9T8kcgKicEuPiKQJqC6%2F7jAJX6gqjzCbt9cRhM%2FUxJ9ZgniVNgN0zbAs6lyZO1%2FotOpKLRs60U4zsk2RtXGtP3bgBdTiGYvLWFQpS48xtIwQ2zKhBszIPcIYufNKtDjpOS%2BDjR3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 72ff702b6a49bbec-FRA
cf-bgj: minify

GET
H3 200 comment-reply.min.js Show response
giftcard.jaknet.my.id/wp-includes/js/ 3 KB
2 KB 30ms
30ms Script
application/javascript 2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giftcard.jaknet.my.id/wp-includes/js/comment-reply.min.js?ver=6.0.1
Requested by: Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
age: 5150
etag: W/"ba5-5dc2a2438e980-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQpXlyT3vhepEQ63XXWR7kIbhnRRB%2B%2BlGHNtMb4e68ad54IrYC3nDp2lz17CEI317Z0CUVKrE%2Fqi1gZQU1p4hJAakl0WKvjws7pDpRSqJ%2F2GEN3tFGg%2FLTNGjNkPRVUsj4oMsnMhy5p39qvT9%2FpR3hyDbvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72ff702b9aa3bbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
giftcard.jaknet.my.id/wp-includes/js/ 18 KB
5 KB 29ms
28ms Script
application/javascript 2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giftcard.jaknet.my.id/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by: Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: cloudflare
age: 5150
etag: W/"48b9-5dc6eb878efc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJbDtBCm9%2BcA4ThiUjnz0ktwD9yTRXUH4O9VNqfmnYqHgvatzgAEu5PjueEk7VNeM1wIWdaCJmy%2BbGqKRYAL0T53IGrEg4eOuRWcbr4HOHDjk5gtf0aggVn8Ur3ScsTz0rTcq%2FINZ6PKsi%2BCkG%2FaX7PQixM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72ff702baac2bbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 77ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://giftcard.jaknet.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:12:22 GMT
x-content-type-options: nosniff
age: 516141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 21:12:22 GMT

GET
H3 200 ElegantIcons.woff
giftcard.jaknet.my.id/wp-content/themes/superfast/fonts/ 62 KB
63 KB 34ms
33ms Font
font/woff 2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giftcard.jaknet.my.id/wp-content/themes/superfast/fonts/ElegantIcons.woff
Requested by: Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/wp-content/themes/superfast/style-nonamp.css?ver=2.0.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Referer: https://giftcard.jaknet.my.id/wp-content/themes/superfast/style-nonamp.css?ver=2.0.8
Origin: https://giftcard.jaknet.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Jul 2022 05:54:27 GMT
server: cloudflare
age: 5150
etag: W/"f8b0-5e31c9a11cac0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTWy8L9j5i72dqVm0EMQq8EJnEdEi7zeUk7FiXmCOcuaAWUi7vRk8k1cn8LL%2FhwV0JRZQpwFGlpf6CT8GevnT5LTDLW49rtghSSfnynNWWUwC1oxOngXJb%2FYLerOUJ6k3P5dR7OuDnSGO8RBhmIrxazaHUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72ff702bcaedbbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 111ms
26ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:29:08 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 544965240

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 341 KB
120 KB 99ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3085456807504492&plah=giftcard.jaknet.my.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3085456807504492

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acb97f2b6f18a1ff5dc826ea61fd2fec7f3e7ea58ccd77cc4abc063d13da7b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123109
x-xss-protection: 0
server: cafe
etag: 11628330120577077652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 20:34:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/ Frame 3A5A 10 KB
5 KB 143ms
22ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3085456807504492

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giftcard.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 15:42:32 GMT
etag: 8616628553774171045
expires: Sun, 07 Aug 2022 15:42:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 333ms
105ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4677127&@f16&@g1&@h1&@i1&@j1658694883364&@k0&@l1&@mVenmo%20Account%20Got%20Hacked%3F%20Here%20Are%20the%20Steps%20To%20Take%20%E2%80%93%20Gift%20Card&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:124695560&@b3:1658694883&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 4a0d852e7a3d415687457ec4747edef55ef837cb330091a10b1c9fbf95e22296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 20:34:43 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
476 B 136ms
30ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=giftcard.jaknet.my.id&callback=_gfp_s_&client=ca-pub-3085456807504492

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3085456807504492&plah=giftcard.jaknet.my.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 90ms
36ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=giftcard.jaknet.my.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 86ms
33ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=giftcard.jaknet.my.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 20:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9927 273 KB
66 KB 846ms
802ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&adk=1812271804&adf=3025194257&lmt=1658694883&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883331&bpp=2&bdt=289&idt=162&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2163749371556&frm=20&pv=2&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=175

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66f40734d737c775b6d0b6804347804475f02585278c2328a3cb7dd989fe937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giftcard.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67040
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 20:34:44 GMT
expires: Sun, 24 Jul 2022 20:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E00F 78 KB
29 KB 823ms
798ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7737f568b7d6bea41aef5499d7c68c72d1f3e50f3a45790229b5a2e896d78c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giftcard.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29620
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 20:34:44 GMT
expires: Sun, 24 Jul 2022 20:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F07E 22 KB
9 KB 520ms
510ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=1815089948&adf=1961598617&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883335&bpp=1&bdt=293&idt=203&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5BCIgE3tHB&p=https%3A//giftcard.jaknet.my.id&dtd=206

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fb9890b8281e7fdc607290e33788adfaaed706d0ec2f31aa7fe449713d78da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giftcard.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9573
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 20:34:44 GMT
expires: Sun, 24 Jul 2022 20:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6304 79 KB
26 KB 854ms
853ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=600&slotname=4676194412&adk=1736401022&adf=2752746037&pi=t.ma~as.4676194412&w=300&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883336&bpp=1&bdt=294&idt=210&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280%2C630x280&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=L5oZ7FSjnU&p=https%3A//giftcard.jaknet.my.id&dtd=213

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d430a5ba614a1f59c9623ae37a0a1a412a0e5bba110b9752c4d690df946a7256

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMqfzvqvkvkCFaqB_QcdHWIBYg&gqi=46zdYozbIsbogAeCnYe4DQ&layout=/sadbundle/%24csp%253Der3%24/164903383637950464/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giftcard.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 26538
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMqfzvqvkvkCFaqB_QcdHWIBYg&gqi=46zdYozbIsbogAeCnYe4DQ&layout=/sadbundle/%24csp%253Der3%24/164903383637950464/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 20:34:44 GMT
expires: Sun, 24 Jul 2022 20:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame F07E 3 KB
1 KB 103ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=1815089948&adf=1961598617&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883335&bpp=1&bdt=293&idt=203&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5BCIgE3tHB&p=https%3A//giftcard.jaknet.my.id&dtd=206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:26:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F07E 138 KB
43 KB 109ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame F07E 17 KB
8 KB 99ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:29:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F07E 0
0 72ms
71ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb-7846zdYumWI5f67_UPssCHkALJntKxXPXqoYaIAcCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0zMDg1NDU2ODA3NTA0NDkyoAHVttLqA8gBCakCXCwWm2wisT6oAwGqBIcCT9B_l-14-5IIFBNA6PGs4btadGv7AXtpjOKBVD-ikq1CpMGm1YTDii9AmXR8MMYHeXuzT3s58KK0Wlf8ub9p6TEt3rgZmSwWjGhx1iIt0NyOXFa9a-_71DyWg4VnG_E7AL3-slgWN_TdyfRvidnUw1zJNIx9xVHTqLwkIRZtN-JudfV9rCgl5_a2mRS5LACPmDaqYTiRwnrkHZtclhjwVjZEPiAdosD-sOAWdl3fGj2DpPxebIuzTayvdkweb3vl9qIhACr0d17lAP29I3XbO5al61lwcGIGkbCjE0OLXz0C3qMUteoQJuLInlybvlKteApv43LclUjAIIwkAkzhkP0fXuMlS2iABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzA4NTQ1NjgwNzUwNDQ5MhgA&sigh=bbsyPyH-394&uach_m=[UACH]&cid=CAQSGwCNIrLMH7SO4nFOZM52SBf4cxSxgFv-GjkaEBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=1815089948&adf=1961598617&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883335&bpp=1&bdt=293&idt=203&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5BCIgE3tHB&p=https%3A//giftcard.jaknet.my.id&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 20:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame F07E 0
0 111ms
32ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kub8EMz6RPYEmAKdg2ICAgAAAL8dA6edDmhLhrp8BhDirN1iEZ8OZVNEpvPHy00AEgAA&wp=Yt2s4wAIy2kIu_0XAAHgMjJ2Jui838YJOpOzBA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 327981
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4886 212 KB
59 KB 287ms
194ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt2s4wAIy2kIu_0XAAHgMjJ2Jui838YJOpOzBA&u=%7CgzHhJNiRFq6toHwPiVvjbKQ3UAvM3O%2BEK2BSqg6NYZ4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wLTpXL8hGfLi7AUUMURPUCbWEjGuwfa2eVlGRlw_W1uOOrIaafAxthSkJqe80v6n9vM_pkU6uMz-2cnO1dJxWssx92Zb9oBMOMM3EoSuWfvdeKY6B7STpIcq0NdKcVgBtOWfNtlBOa9HeaRToS8c2I0ju1TRNHpuYSM4-yMSO3bAOSwWpQ-ooWasrJmpBw2OQoT0QBSCakx8MgJAw3QiKjjjNM2l6aDm3bW8oUtXDN4ckFwHwBBKcggvec-C3b98XBK7dKCJoGsB2iCMSiFz4d8TBOa2DtedMZBd7K-EmCdSF2QiitbJXgATZO0KwuxvVY4qhOP1tyOCADgCldwnmDM2U_fSRFm81qtMniYr97MKTQ3TCvEdYGFlvCzJTpCuPzAtB92Ejj-kmMZN84sLuQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcjHt46zdYumWI5f67_UPssCHkALJntKxXPXqoYaIAcCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0zMDg1NDU2ODA3NTA0NDkyoAHVttLqA8gBCakCXCwWm2wisT6oAwGqBIoCT9B_l-14-5IIFBNA6PGs4btadGv7AXtpjOKBVD-ikq1CpMGm1YTDii9AmXR8MMYHeXuzT3s58KK0Wlf8ub9p6TEt3rgZmSwWjGhx1iIt0NyOXFa9a-_71DyWg4VnG_E7AL3-slgWN_TdyfRvidnUw1zJNIx9xVHTqLwkIRZtN-JudfV9rCgl5_a2mRS5LACPmDaqYTiRwnrkHZtclhjwVjZEPiAdosD-sOAWdl3fGj2DpPxebIuzTayvdkweb3vl9qIhACr0d17lAP29I3XbO5al61lwcGIGkbCjE0OLXz0CnKE1J22fuvF3Akg4bm8LgAN76cTWu1BClEQZpL5ejtEH20mhWNfqNZGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m-gAGamO6G6q1elYjE3QouIxQXg%26client%3Dca-pub-3085456807504492%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

35df02b5dc456f25dd79ad7de066494c479e4d51ff755a2b9fa59dd6c5e51a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 20:34:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=MaxO9ctHC9iVoCLPr26nYaypr4Ex2zSvVRDnY1_XjHdS1GZVTzlFZUtcVnM3IVNRC_PxTk_Ty6xVyz5TSwAKrQ2mQASUnEt6ABziygq-7t9EmQeVAnldptkackV3FYi8L3-P77O61YX08BVGv9jMVJ8eP37tHl30nFnz3pWnR1xcXv2UrKSfL65P8PWcG3TELVJ2369Acvw4BR_0JI3LeIPRg4dXWKaHYvo3sGprmvXbEnRI9pxF25t23S1jqP8Eof0gKw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 158021164
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame F07E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a31e992e76d773f166901d4e3fca956a39b76cbbe088ee77e1caa0af8d8af0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame E00F 6 KB
672 B 78ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 19:15:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 20:34:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame E00F 2 KB
902 B 70ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:31:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame E00F 21 KB
8 KB 71ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:33:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame E00F 3 KB
1 KB 114ms
82ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:33:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame E00F 17 KB
7 KB 75ms
29ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:33:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E00F 138 KB
42 KB 96ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H2 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame E00F 30 KB
13 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 21:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 23:08:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 21:51:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E00F 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeR7546zdYpWbI4uT7_UP7v-24Azw-MqoX7zxsqDSD6CWgOyQAhABILmw7zNglaqzgsAHoAGMwq-bA8gBCakCXCwWm2wisT6oAwHIA8sEqgSiAk_QjqJE3_7BYT6eg7xyH6coVhzdYVZHtTG8Q7WlVNRj52tr6zMBAtaDL4Gl5NocuCiDq_1YVUo0IXPKbHmuJyS4IvU1xyGZ12WL2FrqudmpSyebiukBDA0j12g1FP24IeRN8VocteVVW9D_YAdxl8YQoFR0Kh7iXPv_wmfzqKis1h-a6SSsSmGYy76S8Igz6JnCKv5rb23MAoqRBRmGRV6Zrb0hdWj7K2wRC-JBQ12iXlz8kSpujOp5Q0uADY_diwE9mdhXkkPl0_Mrj-KwOfDyt_IRU26Tw1i9DUdq9YgE5JDUpdY-t0EGzHfpk8SgRNNRhVEcKc-NotNqxiIbtWOFyi8RuVbDnWqZW4GehjGzqzsTNLsCqQ1PwA1PT8LKuc2fwATBnPHkpAOSBQQIBBgBkgUECAUYBKAGLoAH3L3QZKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIf_LNIIEQiA4YAQEAEYXzICqgI6AoBAgAoByAsBuBPkA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi0zMDg1NDU2ODA3NTA0NDkyGAA&sigh=wVm9Hy_ChZI&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 20:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4886 2 KB
1 KB 213ms
39ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt2s4wAIy2kIu_0XAAHgMjJ2Jui838YJOpOzBA&u=%7CgzHhJNiRFq6toHwPiVvjbKQ3UAvM3O%2BEK2BSqg6NYZ4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wLTpXL8hGfLi7AUUMURPUCbWEjGuwfa2eVlGRlw_W1uOOrIaafAxthSkJqe80v6n9vM_pkU6uMz-2cnO1dJxWssx92Zb9oBMOMM3EoSuWfvdeKY6B7STpIcq0NdKcVgBtOWfNtlBOa9HeaRToS8c2I0ju1TRNHpuYSM4-yMSO3bAOSwWpQ-ooWasrJmpBw2OQoT0QBSCakx8MgJAw3QiKjjjNM2l6aDm3bW8oUtXDN4ckFwHwBBKcggvec-C3b98XBK7dKCJoGsB2iCMSiFz4d8TBOa2DtedMZBd7K-EmCdSF2QiitbJXgATZO0KwuxvVY4qhOP1tyOCADgCldwnmDM2U_fSRFm81qtMniYr97MKTQ3TCvEdYGFlvCzJTpCuPzAtB92Ejj-kmMZN84sLuQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcjHt46zdYumWI5f67_UPssCHkALJntKxXPXqoYaIAcCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0zMDg1NDU2ODA3NTA0NDkyoAHVttLqA8gBCakCXCwWm2wisT6oAwGqBIoCT9B_l-14-5IIFBNA6PGs4btadGv7AXtpjOKBVD-ikq1CpMGm1YTDii9AmXR8MMYHeXuzT3s58KK0Wlf8ub9p6TEt3rgZmSwWjGhx1iIt0NyOXFa9a-_71DyWg4VnG_E7AL3-slgWN_TdyfRvidnUw1zJNIx9xVHTqLwkIRZtN-JudfV9rCgl5_a2mRS5LACPmDaqYTiRwnrkHZtclhjwVjZEPiAdosD-sOAWdl3fGj2DpPxebIuzTayvdkweb3vl9qIhACr0d17lAP29I3XbO5al61lwcGIGkbCjE0OLXz0CnKE1J22fuvF3Akg4bm8LgAN76cTWu1BClEQZpL5ejtEH20mhWNfqNZGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m-gAGamO6G6q1elYjE3QouIxQXg%26client%3Dca-pub-3085456807504492%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:34:44 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4886 2 KB
1 KB 226ms
52ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:34:44 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4886 308 B
637 B 197ms
38ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 19 Jul 2023 20:34:44 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4886 293 B
621 B 203ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 19 Jul 2023 20:34:44 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 4886 43 B
348 B 123ms
34ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=nOIxAqIgar3PdS5R9BM-mVDRxQUuMvp7k_0qIjdzAHgPayrEXhh9BK7qa0YlafNBd1aikfbx8b92-nssfz1gELtmgs7Pd6ej481oifMBVwVxZPGhmzznE-mQThQYk-C6y-h7xk44-wuJy9_RDpmqpsqfm8p6dKblL7YlWaagyJPvP56X9EE-D6mxGl3I2IfJVa17J0A7EKGFELeJrY51UF0bzf_hMLecLZBp0yQNHDnnGg5v6aTssKDx9z19A-4uJQmH0MYkN5oNF3S1EK7mXNM6Ef-Gqr0ktFNTTVEg8IOMqAT8jIoXG8NjrdEc-GirLwdUTXdxVkvTyTwoKfQ3VMyhrg5dRs5uLY6voXRugQjrvC7e-v1UPXp6XVYd5Y7JefMNf6t4rY9LZvwSdjOLSD4oL01bQ64sX6XY-lbRKt-pUV4T

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 20:34:44 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2783020
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 4886 0
688 B 221ms
130ms Image
text/plain 2600:9000:206f:3a00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1658694883
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt2s4wAIy2kIu_0XAAHgMjJ2Jui838YJOpOzBA&u=%7CgzHhJNiRFq6toHwPiVvjbKQ3UAvM3O%2BEK2BSqg6NYZ4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wLTpXL8hGfLi7AUUMURPUCbWEjGuwfa2eVlGRlw_W1uOOrIaafAxthSkJqe80v6n9vM_pkU6uMz-2cnO1dJxWssx92Zb9oBMOMM3EoSuWfvdeKY6B7STpIcq0NdKcVgBtOWfNtlBOa9HeaRToS8c2I0ju1TRNHpuYSM4-yMSO3bAOSwWpQ-ooWasrJmpBw2OQoT0QBSCakx8MgJAw3QiKjjjNM2l6aDm3bW8oUtXDN4ckFwHwBBKcggvec-C3b98XBK7dKCJoGsB2iCMSiFz4d8TBOa2DtedMZBd7K-EmCdSF2QiitbJXgATZO0KwuxvVY4qhOP1tyOCADgCldwnmDM2U_fSRFm81qtMniYr97MKTQ3TCvEdYGFlvCzJTpCuPzAtB92Ejj-kmMZN84sLuQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcjHt46zdYumWI5f67_UPssCHkALJntKxXPXqoYaIAcCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0zMDg1NDU2ODA3NTA0NDkyoAHVttLqA8gBCakCXCwWm2wisT6oAwGqBIoCT9B_l-14-5IIFBNA6PGs4btadGv7AXtpjOKBVD-ikq1CpMGm1YTDii9AmXR8MMYHeXuzT3s58KK0Wlf8ub9p6TEt3rgZmSwWjGhx1iIt0NyOXFa9a-_71DyWg4VnG_E7AL3-slgWN_TdyfRvidnUw1zJNIx9xVHTqLwkIRZtN-JudfV9rCgl5_a2mRS5LACPmDaqYTiRwnrkHZtclhjwVjZEPiAdosD-sOAWdl3fGj2DpPxebIuzTayvdkweb3vl9qIhACr0d17lAP29I3XbO5al61lwcGIGkbCjE0OLXz0CnKE1J22fuvF3Akg4bm8LgAN76cTWu1BClEQZpL5ejtEH20mhWNfqNZGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m-gAGamO6G6q1elYjE3QouIxQXg%26client%3Dca-pub-3085456807504492%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 20:34:44 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: iParbr4fz_Hx7LrgbCNHNinaeP0dmR2CUzLtL7BVljWsCsvPoqrt2Q==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 149 KB
53 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdb4ca14b2d081aed44a8eff750e3e87fdb96a14f6bc5ad316541c4241dd85a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54112
x-xss-protection: 0
server: cafe
etag: 17139383457577183818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17998082610475493527/ Frame E00F 121 KB
121 KB 40ms
32ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17998082610475493527/downsize_200k_v1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2927594fc03a38fb3d7db58700fa0a0c44e2b0c4aeb1cd912ee8274efbb9992c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 21:04:35 GMT
x-content-type-options: nosniff
age: 343809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124186
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 15:41:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jul 2023 21:04:35 GMT

GET
DATA 200
OK truncated
/ Frame E00F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame 1022 190 KB
25 KB 27ms
26ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=600&slotname=4676194412&adk=1736401022&adf=2752746037&pi=t.ma~as.4676194412&w=300&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883336&bpp=1&bdt=294&idt=210&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280%2C630x280&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=L5oZ7FSjnU&p=https%3A//giftcard.jaknet.my.id&dtd=213

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f3fc818c7249993eadd02caad3f9a5de47a06ffd04f3f43ee9318eafdb34336

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 320126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25104
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 03:39:18 GMT
expires: Fri, 21 Jul 2023 03:39:18 GMT
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6304 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq0so46zdYoqiI6qD9u8PncSFkAbZpqf2Z46ruuiPDprw3rbGARABILmw7zNglaqzgsAHoAGDpJTQAsgBCakCXCwWm2wisT6oAwHIAwKqBJYCT9ClaHhzGyu-zhjholRoQas__dOY7DhWywkb2_qcnbim3gxTRYHAVAZ20UE_csJbbe91QKr96ya_dqBizChuDj-UmMS6HGp5SotqkqAMRgJFgvs4Wp5EEtO-xddtoGnUB1W2lnYIWAy8U6u7TNcA-09xYsPv4WDqjfibKwGAQEBA6JFFnwGDqO54ERIbnLICxe3Hnl7-kDWP08T8yeQ4KBRqZ_1RguMmks_tzFfG-060jZqv0KLGrRkNdCsE_4598rvWymImiAfegQ65bvddPY7f7s1R7iZVQlTijD1ReYQ05Sl2TkE_xbGujn-GGzgwMSqv8vwQ-S2RHmzBxqtq3KewC2yLjRPAna5wkzBoT_gs9NxPirjABMyLjq_WA5IFBAgEGAGSBQQIBRgEoAZdgAfl2-uvAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKbYVdIIEQiA4YAQEAEYXzICqgI6AoBAgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTMwODU0NTY4MDc1MDQ0OTIYAA&sigh=gYZwEoCbMhs&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=600&slotname=4676194412&adk=1736401022&adf=2752746037&pi=t.ma~as.4676194412&w=300&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883336&bpp=1&bdt=294&idt=210&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280%2C630x280&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=L5oZ7FSjnU&p=https%3A//giftcard.jaknet.my.id&dtd=213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 20:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3023 143 B
163 B 23ms
21ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=600&slotname=4676194412&adk=1736401022&adf=2752746037&pi=t.ma~as.4676194412&w=300&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883336&bpp=1&bdt=294&idt=210&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280%2C630x280&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=L5oZ7FSjnU&p=https%3A//giftcard.jaknet.my.id&dtd=213
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 19:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 6304 3 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:33:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6304 138 KB
42 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4886 12 KB
6 KB 144ms
40ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:34:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4886 5 KB
5 KB 473ms
67ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=cv-0XWAuCUcnqwngfrtP0s7A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31034692
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5106
expires: Wed, 19 Jul 2023 01:19:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4886 1 KB
1 KB 436ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=800&s=DI0SONUVXrdIf4n2KRU4NSEh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=980081
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Fri, 05 Aug 2022 04:49:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4886 2 KB
2 KB 437ms
32ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoFormel-D-Group-3583DE-2008190935.gif%3Feb%3D1&v=3&w=800&s=VqTak-1PQuSgw4NtqaFRO-V1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1605011
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1672
expires: Fri, 12 Aug 2022 10:24:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4886 2 KB
2 KB 436ms
31ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=800&s=p7imNlwxxrodxxqEMEPxBMSf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1679975
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1960
expires: Sat, 13 Aug 2022 07:14:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4886 400 B
657 B 436ms
31ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDB_Mobility_Logistics_AG_60544DE.gif%3Feb%3D1&v=3&w=800&s=0y_71H41LXRUcFG_iY9j6SKC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 400
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4886 1 KB
2 KB 443ms
38ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoIng-Buro-Urbach-KG-199901DE.gif%3Feb%3D1&v=3&w=800&s=Mb-s42dbq3lx1pqa4-yS8Epn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a3a704c14302cef153e217c5d0340d5fb5735fdd3a9021a55b4c75ed99a28145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1423
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1378
expires: Sun, 24 Jul 2022 20:58:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4886 509 B
772 B 35ms
35ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoDIBAG-Hausverwaltung-GmbH-228171DE-1910111445.gif%3Feb%3D1&v=3&w=800&s=HgoP_6IBamlAQV5iPolLBRJp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

52caaabb45077f9e38602a821fdfacccfee298817d708108bc54d6a1935215a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1129577
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 509
expires: Sat, 06 Aug 2022 22:21:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4886 898 B
1 KB 36ms
36ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGKS-Gesellschaft-fur-Kommunikationsservice-mbH-148116DE.gif%3Feb%3D1&v=3&w=800&s=oYyeyoIGWuLVJQzf4NyU10P1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27048
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 898
expires: Mon, 25 Jul 2022 04:05:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4886 2 KB
2 KB 36ms
36ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr-Meindl-u-Partner-Verrechnungsstelle-GmbH-139545DE.gif%3Feb%3D1&v=3&w=800&s=YXBCFE_KtriTAH1bLSFU1EZt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1732
expires: Wed, 19 Jul 2023 20:34:44 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4886 0
128 B 317ms
30ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=MaxO9ctHC9iVoCLPr26nYaypr4Ex2zSvVRDnY1_XjHdS1GZVTzlFZUtcVnM3IVNRC_PxTk_Ty6xVyz5TSwAKrQ2mQASUnEt6ABziygq-7t9EmQeVAnldptkackV3FYi8L3-P77O61YX08BVGv9jMVJ8eP37tHl30nFnz3pWnR1xcXv2UrKSfL65P8PWcG3TELVJ2369Acvw4BR_0JI3LeIPRg4dXWKaHYvo3sGprmvXbEnRI9pxF25t23S1jqP8Eof0gKw&sds=2&rev=82182&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 24 Jul 2022 20:34:44 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4886 2 KB
1 KB 45ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:34:44 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4886 2 KB
1 KB 41ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:34:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1022 2 KB
436 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:700,regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed3bca384bfd98efd0857d80115eec06ba8aada62fe5c184f8c01ec9508344af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 20:34:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 20:34:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1022 16 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 25 Jul 2022 07:40:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1022 26 KB
10 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 05:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 25 Jul 2022 05:09:09 GMT

GET
DATA 200
OK truncated
/ Frame E00F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af283fd6a932941db5d4579d1375c3a18558b5aa1c5a7add080085252c252784

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 84ms
33ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=giftcard.jaknet.my.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 80ms
32ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=giftcard.jaknet.my.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/ Frame FB5D 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giftcard.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 18:21:11 GMT
etag: 8616628553774171045
expires: Sun, 07 Aug 2022 18:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/ Frame 37ED 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giftcard.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 18:21:11 GMT
etag: 8616628553774171045
expires: Sun, 07 Aug 2022 18:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E00F 15 KB
16 KB 80ms
31ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 532192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E00F 15 KB
15 KB 71ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 532499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:39:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 6304 17 KB
7 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:33:02 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3023
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
67ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 20:34:44 GMT
expires: Sun, 24 Jul 2022 20:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 20:34:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame FB5D 4 KB
636 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 19:12:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 20:34:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FB5D 205 B
229 B 73ms
24ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 18:27:16 GMT
x-content-type-options: nosniff
age: 7648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 24 Jul 2023 18:27:16 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FB5D 604 B
628 B 74ms
24ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 19:54:40 GMT
x-content-type-options: nosniff
age: 2404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 24 Jul 2023 19:54:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame FB5D 19 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:15:23 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207071723000/ Frame E1D0 220 KB
61 KB 103ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/amp4ads-v0.mjs

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa4ea8e54139dd16f73e5a3aca1e036ae5699fd2a2da1fe7bb6c5b59caca7674

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 379874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61513
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 11:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a40ea3ab2445e497"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 11:03:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame E1D0 14 KB
5 KB 141ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

574d9c501654d592fb31796d8269e48880618cc7d4b55d424286b50fe6b7aacc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 379874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5205
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 11:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ecf6d7700179f984"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 11:03:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame E1D0 94 KB
28 KB 149ms
68ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-analytics-0.1.mjs

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa497572a264f0a35be76178b2ef71de981199be53af1c4608d592947f5c2e97

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 379874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28819
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 11:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9ca8eecb6dce4cd9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 11:03:30 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame E1D0 32 KB
10 KB 157ms
77ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-carousel-0.1.mjs

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27039e2f6198a1703cf8fe717dde4ff6a4e71e792dfb72c7f60714887177202c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 531648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10088
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 16:53:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7b2076e98fad310e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 16:53:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame E1D0 5 KB
2 KB 160ms
80ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-fit-text-0.1.mjs

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d3eafaf26912ddf3fcbda012c6ab84ee03420313f73324e14edf73382766cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 379874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1910
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 11:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4aeabff663ac872e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 11:03:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame E1D0 40 KB
13 KB 144ms
64ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-form-0.1.mjs

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bd651a75b41ffd685e205862db2da8e5e758f8a34141738ec0450b60b8d861a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 379874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 11:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "10eeb975567515a5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 11:03:30 GMT

GET
H3 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame E1D0 6 KB
2 KB 73ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-gwd-animation-0.1.mjs

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a086cc4792220860782022b6782c496bea5e23b4585a493ae049747ab521a214

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2449
x-xss-protection: 0
server: sffe
date: Thu, 21 Jul 2022 07:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a280f7ae5bcb1d14"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Jul 2023 07:03:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E1D0 2 KB
528 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:regular

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 19:42:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 20:34:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1D0 2 KB
2 KB 26ms
25ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 09:48:35 GMT
x-content-type-options: nosniff
server: cafe
age: 38769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 25 Jul 2022 09:48:35 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1D0 295 B
322 B 26ms
25ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 09:55:02 GMT
x-content-type-options: nosniff
server: cafe
age: 38382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 25 Jul 2022 09:55:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E1D0 0
17 B 69ms
69ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgioM46zdYrGmI76j9u8PlLK9qAGLrpeca4mzlri2ELO657qQDhABILmw7zNglaqzgsAHoAHwyNyAA8gBCagDAcgDCKoEoAJP0FXmIwfByobnbfa_egFANSE8NpHg4wYj_Atmad63xV-E789xuqRTfZ2xaemHeWmbBoz1KGbOGbnnPnpBJXbdFm0MG7sT_7tEUT0UbCIxlGOjAhBEhW0drZLLXR7kYyAahBe3EPOmvqjQ602nFaPa6YiDw2_nSERF1X6GAOCfFp9vX5pmiVdVs8jDP1DqIMMHTHfJSKPHiTU_eIA8VNJk7LtVz9g2A4JmuH1XylbpX5yqPIq-Z4KenpUn1rvPGKs7v3m3u4sLMLACvqaN5wZdHDZisexCdTTyvpmEhTs9UleryS4VspvnKjhPyliIPbls7vN-2sIHx6-6mGG-AAdBL-zBY1vrqvbsSM8y4h-HOZtHWI2Xq2I51rApiQsufczABPj5rdWGBJIFBAgEGAGSBQQIBRgEoAYugAf4tqN_qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ44f4AtIIEQiA4YAQEAEYXzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTMwODU0NTY4MDc1MDQ0OTIYAA&sigh=z-UEtFgzNVs&uach_m=[UACH]&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 20:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 IncOders3qtrSmall.png
tpc.googlesyndication.com/sadbundle/5493815195695628879/ Frame E1D0 42 KB
42 KB 26ms
26ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5493815195695628879/IncOders3qtrSmall.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27877553b7f14733a9d4d65beec5acd8f7eed984dc0e9a73bb5c0f026036cf7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 05:42:39 GMT
x-content-type-options: nosniff
age: 571925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43085
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:30:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Jul 2023 05:42:39 GMT

GET
H3 200 HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v27/ Frame 1022 29 KB
29 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:700,regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 02:33:49 GMT
x-content-type-options: nosniff
age: 410455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29436
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 02:33:49 GMT

GET
DATA 200
OK truncated
/ Frame E1D0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0f92074420c85914cf249d04cadafd6a7fd18ecba39972a23b3b7b89fcadbce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6304 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32089a76c4789a004a6a3782cbba6ba2c4ca8c298ed30cf57a8ccc30b39ae808

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 2402 5 KB
667 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 19:06:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 20:34:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 2402 2 KB
902 B 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:31:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 2402 21 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:33:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 2402 3 KB
1 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:33:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 2402 17 KB
7 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 20:33:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2402 138 KB
42 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 20:34:44 GMT

GET
H3 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame 2402 30 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 21:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 23:08:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 21:51:08 GMT

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4413 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=2426305125&adf=3209782072&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883333&bpp=2&bdt=290&idt=188&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6OPDDUfcG&p=https%3A//giftcard.jaknet.my.id&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 20:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 20:09:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F6D5 143 B
163 B 21ms
20ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 19:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_augletics_small.JPG
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame 1022 8 KB
8 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/logo_augletics_small.JPG

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

502646476db88824868f4aa280010eb4851107974aa14d493f531154144dd640

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 125683
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Sat, 23 Jul 2022 09:40:01 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jul 2023 09:40:01 GMT

GET
H3 200 AUGLETICS-Eight.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame 1022 46 KB
46 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/AUGLETICS-Eight.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

651972d44c5e2297ace77500deda284819df62ec9c2ce5aad51ce19894869957

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 194477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47346
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 22 Jul 2022 14:33:27 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jul 2023 14:33:27 GMT

GET
H3 200 AUGLETICS-Eight2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame 1022 45 KB
45 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/AUGLETICS-Eight2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72cefe9bdcc3c42576fd4427e76fe35450441d5939583688692cb1ef26806000

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 194683
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46135
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 22 Jul 2022 14:30:01 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jul 2023 14:30:01 GMT

GET
H3 200 augletics_eight_small.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame 1022 28 KB
28 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/augletics_eight_small.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ceed88b14c0a87a8834d23fafad5a9ae0f9d442a1a0c91ba54d6a2199057b38

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 194477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28813
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 22 Jul 2022 14:33:27 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jul 2023 14:33:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F6D5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

79ms
78ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 20:34:45 GMT
expires: Sun, 24 Jul 2022 20:34:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 20:34:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame C6DA 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: giftcard.jaknet.my.id
URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 20:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 20:09:09 GMT

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012207071723000/ 23 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

674eae0be0bae4c3d6a1e60843fa7f4d8d940f76118b2ac2a3208ef17c6bfab0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 531649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7855
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 16:53:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "edded153d60ffda4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 16:53:55 GMT

GET
H3 200 IncOders3qtrSmall.png
tpc.googlesyndication.com/sadbundle/5493815195695628879/ Frame E1D0 42 KB
42 KB 23ms
23ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5493815195695628879/IncOders3qtrSmall.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207071723000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27877553b7f14733a9d4d65beec5acd8f7eed984dc0e9a73bb5c0f026036cf7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 05:42:39 GMT
x-content-type-options: nosniff
age: 571926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43085
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:30:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Jul 2023 05:42:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 87ms
39ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220721&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee8797f6d1035dbde7c638f1d1d8e13e833587771b4f1fd7643398c6842652af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 20:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 20:34:45 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F07E 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnB7NDqwWXj13VkcZvy7MQUyOERLYEloLhJySKATQ15XTUoyI_QsmcnF6LRm3SASMu9cpcp8ozpJMPFpnM1YH0fjf3&sig=Cg0ArKJSzFUsn3aufmaZEAE&id=lidar2&mcvt=1002&p=0,0,280,630&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=20&adk=1815089948&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658694883542&rpt=717&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 20:34:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D8D5 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giftcard.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 19:19:05 GMT
expires: Mon, 24 Jul 2023 19:19:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F951 783 B
535 B 47ms
46ms Document
text/html 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0334c214e18c520907e9b0d0661cab9134d33f5bed2979175fd4690f865feeb7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rjhxQmyv9cJFe1_-JQ3dBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giftcard.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-rjhxQmyv9cJFe1_-JQ3dBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 20:34:45 GMT
expires: Sun, 24 Jul 2022 20:34:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame D8D5 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 20:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 20:09:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F951 0
0 63ms
62ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220721&jk=548067696097445&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D8D5 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ol9r-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 4886 0
127 B 31ms
30ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 24 Jul 2022 20:34:45 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6304 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuD2dyYDH5qlpbB184WjddJcZL3Fge4widsneMtaDV8FWqdu1P4s8QF7Zj5DlK2OIR1ZWwj_RkUosFeQezHppEfgkzxmAVlkMBeq4pQzLMqMAmVrudqjnwngX1FaO6ykSGSIo-NEAg8W1bU&sai=AMfl-YTX-C9gCX0eDItkDZ4bmyTRvTl1vYtqlIl8g_XtuKiNSoZapVh4SL9mhBbX4GR55PFHTUVoqkolog1d&sig=Cg0ArKJSzND1KCDRgWuXEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1736401022&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658694883550&rpt=1040&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 20:34:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E00F 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8b6r3WoLmCOH2knD-Cf6QOixsuCn8jbIS8_2G2rd00qivOlGoynAIknkJ0GiKu3thsboKa8g-cQ6zCMURP-vHlZ8GBc9Xyef_ACZ55hVvyhoZqSC4w7RDANl_IWIvModnI-sAmbWtPRLj&sai=AMfl-YRGHWUxnzoWLMQu0pBdeZQjo9c9020LOym0wDGJOcZE63gUHQEr4qoALfHpc1MKiTLqUoJJyKB4cgBO&sig=Cg0ArKJSzMlXAixlkMHwEAE&id=lidar2&mcvt=1003&p=0,0,280,630&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2426305125&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658694883526&rpt=1222&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 20:34:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220721&jk=548067696097445&bg=!0NOl05fNAAacadVKvGk7ACkAdvg8WuZ1lYJTLUHttqcaUuwo9d46oPBhqDDy7PZv5x3L3IlRBxu66gIAAABRUgAAAAhoAQcKAG_1gwrph3E0LUWlR-kPh9PzwZGQ4Xqg6AY2w72Mcx7Axwuciq2iUEhK8vFiEb5H6aNJESizpkXB5HB3MeaWdarPajE7hHyz6QqrT2MRyDR2gogizgTU8Vfci8-si3-OUUP47c0ezKqMgdFuOd2UxZmZApZwJt7S5cit6CpH-yN7ntTzcUvmwE2AmLR3HUCCGY3HLNWGX8q_kvzX3xsc3CZKoX8l9GSykytGff9ljb-WbgKLrcM5HZNJbVZqrurERCqzbnHXyPvX7Wb7wTwv3B-O9q_VyGfcong3CP7cNE746OPIHtDFpq8EtnU0St1QHjwAept3-4S_um4bJLfIVXfK9ItiotQ0z8mry7VtWl9XrGDrOBpdO-h5DE0TRDJ42-NqIPqovHdS8rYR5VB2VWhJK91HoaBjdXElMMe6fhP_DhRZkD_0NGan-oTOoiz1_BLl71IYolc_rifcMGjCmUD5-ccvQ-CJlh5I97JzdNrbSqGJ0v3Cm3bBRGGXfqDsgfFDUOLtLdGWwRZJm2_WNleCbjlwkRZA8YhWrhPtLHNS4vL7ni7SqaY-6lGpy0uPaez-3D4VFLuOnAcSbyyglCTcL1upKBKXUmNE5mgPu51ejxKxR2B5MvralYF4WbXH5b4aDMcERfEg5RL-3LWGX9Gkgud2xuNU0l-r9aPYBJCurKFj0vO4ETSSqrfBGeMgbLDK8nAnBasAaoygzefCZGRUtNQwhZ_gnzH0qI6Xa8lPcL-RaVNNIxaNcrG-7I9e6Rz2c4xA7zQITRTmTWdhH3sU-wuZKI6GzpgE0TKF9ODGLSlPg5M3S8NI84ssuZYt9aIW09WX0VdBX5aZlJN01b7JIPI7MsG8w9iw3JEJGT-r3Q3nuYWgvknccICeMQJYBFgGWLG9ZB9B1xzCn4t2eudte64sQHGvGbC0hmT-NVapJlaewrs5SHme-w3f4ki7wvNZ3qrj8151dkIyEncPaZsNfJVp4zLLK3TaDIrlXaRYglPnbWurwYF0BzPtq1US9vYs9iqNrB0EzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E1D0 42 B
64 B 59ms
58ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7Od05xCYLJYRFp85zoMp2hGP1CzxwM6VcAi5sL_lo2najk3o0CNt9YKhJrZcfEPP58YUj3lHTEgi0RvovBbStRV3UZpDHr6AI6Ni8aIAAWHueTueyyoNy778omWhAq2HglvbZRKgIROQ0&sai=AMfl-YR4xakFmUJsy_vHkl_7yq90M3CKCd8TWcNU8tKvtn7ClQETZ6swR9CqnP3LyoJ2a_XGAmOpJMyN1ekC&sig=Cg0ArKJSzKHY1t5lQ5zQEAE&id=ampim&o=0,84&d=646,83&ss=1600,1200&bs=646,83&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=361&tls=1361&g=66.26505851745605&h=100&tt=1362&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 20:34:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/2/ 0
14 KB 1109ms
1108ms Other
text/html 2606:4700:3034::6815:2a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/2/
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/reactive_library_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2a74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giftcard.jaknet.my.id/venmo-account-got-hacked-here-are-the-steps-to-take/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:34:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
link: <https://giftcard.jaknet.my.id/wp-json/>; rel="https://api.w.org/", <https://giftcard.jaknet.my.id/wp-json/wp/v2/posts/141>; rel="alternate"; type="application/json", <https://giftcard.jaknet.my.id/?p=141>; rel=shortlink
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-pingback: https://giftcard.jaknet.my.id/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqJ21l%2FfHcU6cN48Yo1TDzulwQVFaW36s1hNoAi%2BlxfmPtHHB1JtFkzz2RngsMSUHLVmBNFQq32lUu61BMQ4Vr7cSHTssLNr9OTZAfguZcJxj%2BrQSAUTyX9wi%2FTX%2BlPj9oeadd%2FwTeSJuLsGvAw02AP31Jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 72ff703e7e97bbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FB5D 15 KB
16 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 532194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:44:52 GMT

GET
DATA 200
OK truncated
/ Frame 2402 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fedfafc3fb63b70d716c9332bb3eaf372579e96d6831d407bcd43ab1690e945a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 2402 44 KB
44 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:10:25 GMT
x-content-type-options: nosniff
age: 509061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 23:10:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2402 0
17 B 66ms
65ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZLtz46zdYrCmI76j9u8PlLK9qAHw-MqoX7zxsqDSD6CWgOyQAhABILmw7zNglaqzgsAHoAGMwq-bA8gBAakCXCwWm2wisT6oAwHIA8sEqgSbAk_QtO98yNrMDEhNw9JKZNfb-5xknv3i0jLYF1lCgB5PZoE7z5vb5ciAd9sKaS9hseusallw-mwZHRCuZssjLwoLln9YInRtWU6MtxaTVHujwoo1O7HpxIxdvZKnKTcSJzODxrPrEXk9gwsBvfVFvWGwDN4CxSSvs9ET1DPsbOw9alPFXVv4NW6iIRaph6poi5i_5nd5gzoFonWpEHJqIDnghGMEx5UqwWqki5F6YLNsYLS0NhGOqjOLcpWKI0yFdfGi8J2ptYrqWBiDXIZRJYtUcLlwUEKNYliixaKyryWWCNF_i2qltgG-vq1w1n_2sW5V3c4QzOQz09jbad0cCqf0YZdby5S7dTl30U0HJL9wuB-qgWHudBeLjo_ABMGc8eSkA5IFBAgEGAGSBQQIBRgEgAfcvdBkqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQ_eDCAtIIEQiA4YAQEAEYXzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTMwODU0NTY4MDc1MDQ0OTIYAA&sigh=QePN9hwGK3A&uach_m=[UACH]&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 20:34:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2402 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8OxqgNgj3v5ip--5yLDIwHg_eZu5_tv9EPkANwnfU4vPkTLu8q0SGkJALkDrFcgppgwDuBKn31zDiRTjAGAYnQ1waWe7xdUFh7Q8pEztafmVYHnFcjk9uzPxEdgH6r1U3FFLUdCvta2z5&sai=AMfl-YRhKROOHju89k-venUqH_dTjmMCABu8SgHCH-o_ejrhqzcUnQKw6Lf0FFYPlUYQyjhDyJFEQehtKXll&sig=Cg0ArKJSzKDr9U1RZjljEAE&id=lidar2&mcvt=1000&p=0,0,248,620&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271808&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658694884716&rpt=161&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 20:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
giftcard.jaknet.my.id/	1970-01-20 13:30:30	Name: HstCfa4677127 Value: 1658694883364
giftcard.jaknet.my.id/	1970-01-20 13:30:30	Name: HstCla4677127 Value: 1658694883364
giftcard.jaknet.my.id/	1970-01-20 13:30:30	Name: HstCmu4677127 Value: 1658694883364
giftcard.jaknet.my.id/	1970-01-20 13:30:30	Name: HstPn4677127 Value: 1
giftcard.jaknet.my.id/	1970-01-20 13:30:30	Name: HstPt4677127 Value: 1
giftcard.jaknet.my.id/	1970-01-20 13:30:30	Name: HstCnv4677127 Value: 1
giftcard.jaknet.my.id/	1970-01-20 13:30:30	Name: HstCns4677127 Value: 1
.doubleclick.net/	1970-01-20 14:06:30	Name: IDE Value: AHWqTUlDQhCAFbkI3OvU5tbZH65LZ1jfORLHhx2uu7EfCAiHHI0zjBEJ0wJiZjgQB84
.doubleclick.net/	1970-01-20 04:44:58	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=4676194412&adk=1815089948&adf=1961598617&pi=t.ma~as.4676194412&w=630&fwrn=4&fwrnh=100&lmt=1658694883&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Fgiftcard.jaknet.my.id%2Fvenmo-account-got-hacked-here-are-the-steps-to-take%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658694883335&bpp=1&bdt=293&idt=203&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280&nras=1&correlator=2163749371556&frm=20&pv=1&ga_vid=692678393.1658694884&ga_sid=1658694884&ga_hid=1889905795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31068106%2C42531606&oid=2&pvsid=548067696097445&tmod=910168997&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5BCIgE3tHB&p=https%3A//giftcard.jaknet.my.id&dtd=206 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012207071723000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdn.ampproject.org
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
giftcard.jaknet.my.id
googleads.g.doubleclick.net
l.ead.me
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
s10.histats.com
s4.histats.com
secure-gl.imrworldwide.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
178.250.0.139
178.250.0.160
178.250.0.162
18.66.122.9
192.99.0.58
2600:9000:206f:3a00:1e:a43d:b640:93a1
2606:4700:3034::6815:2a74
2a00:1450:4001:801::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4014:80f::2004
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
46.105.201.240
01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85
0334c214e18c520907e9b0d0661cab9134d33f5bed2979175fd4690f865feeb7
06f30f1064af36184106b5d6e0a09c7a1ecb76b22e0ba2a2306a3fc4f749ae88
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
0ceed88b14c0a87a8834d23fafad5a9ae0f9d442a1a0c91ba54d6a2199057b38
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1db65806f2e4df171627e1bd6575e1a61e0da7d1852aa5c2aae5c425a41f1020
27039e2f6198a1703cf8fe717dde4ff6a4e71e792dfb72c7f60714887177202c
27877553b7f14733a9d4d65beec5acd8f7eed984dc0e9a73bb5c0f026036cf7d
2927594fc03a38fb3d7db58700fa0a0c44e2b0c4aeb1cd912ee8274efbb9992c
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
32089a76c4789a004a6a3782cbba6ba2c4ca8c298ed30cf57a8ccc30b39ae808
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
35df02b5dc456f25dd79ad7de066494c479e4d51ff755a2b9fa59dd6c5e51a88
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a
3bd651a75b41ffd685e205862db2da8e5e758f8a34141738ec0450b60b8d861a
42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631
46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2
46b6fba32de585222e313609ae1e6a9556aa2101a0d08ebcae3b9597b7769ee3
4a0d852e7a3d415687457ec4747edef55ef837cb330091a10b1c9fbf95e22296
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502646476db88824868f4aa280010eb4851107974aa14d493f531154144dd640
52caaabb45077f9e38602a821fdfacccfee298817d708108bc54d6a1935215a9
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574d9c501654d592fb31796d8269e48880618cc7d4b55d424286b50fe6b7aacc
57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f
5a31e992e76d773f166901d4e3fca956a39b76cbbe088ee77e1caa0af8d8af0c
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
651972d44c5e2297ace77500deda284819df62ec9c2ce5aad51ce19894869957
674eae0be0bae4c3d6a1e60843fa7f4d8d940f76118b2ac2a3208ef17c6bfab0
6d6b4e3715b628457d40f2bf6e62b661d2bb36d85296d08a0bca4858dd617f7d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72cefe9bdcc3c42576fd4427e76fe35450441d5939583688692cb1ef26806000
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7737f568b7d6bea41aef5499d7c68c72d1f3e50f3a45790229b5a2e896d78c86
7fb9890b8281e7fdc607290e33788adfaaed706d0ec2f31aa7fe449713d78da4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9f3fc818c7249993eadd02caad3f9a5de47a06ffd04f3f43ee9318eafdb34336
a049f73fcbfcb0f2db50d333edcdebb1a321b07d276b39dff10cc1f0c641d023
a086cc4792220860782022b6782c496bea5e23b4585a493ae049747ab521a214
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3a704c14302cef153e217c5d0340d5fb5735fdd3a9021a55b4c75ed99a28145
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa497572a264f0a35be76178b2ef71de981199be53af1c4608d592947f5c2e97
acb97f2b6f18a1ff5dc826ea61fd2fec7f3e7ea58ccd77cc4abc063d13da7b5e
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
af283fd6a932941db5d4579d1375c3a18558b5aa1c5a7add080085252c252784
b0f92074420c85914cf249d04cadafd6a7fd18ecba39972a23b3b7b89fcadbce
b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699
bdb4ca14b2d081aed44a8eff750e3e87fdb96a14f6bc5ad316541c4241dd85a5
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e
d430a5ba614a1f59c9623ae37a0a1a412a0e5bba110b9752c4d690df946a7256
d52a9a00b82c8a2eb79d9d257947bc55a7d5e4e5eed92d2ea0d51dbb91c8f1f9
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
ded71eb769791ae8a7580cddd2d943f3d3c0f4fe86a192f1b9943d816d29ed1b
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
e66f40734d737c775b6d0b6804347804475f02585278c2328a3cb7dd989fe937
ed3bca384bfd98efd0857d80115eec06ba8aada62fe5c184f8c01ec9508344af
ee8797f6d1035dbde7c638f1d1d8e13e833587771b4f1fd7643398c6842652af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d3eafaf26912ddf3fcbda012c6ab84ee03420313f73324e14edf73382766cf
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa4ea8e54139dd16f73e5a3aca1e036ae5699fd2a2da1fe7bb6c5b59caca7674
fedfafc3fb63b70d716c9332bb3eaf372579e96d6831d407bcd43ab1690e945a

giftcard.jaknet.my.id Open in urlscan Pro 2606:4700:3034::6815:2a74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

100 %HTTPS

70 %IPv6

15 Domains

23 Subdomains

23 IPs

5 Countries

1720 kBTransfer

3903 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

giftcard.jaknet.my.id Open in urlscan Pro
2606:4700:3034::6815:2a74 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

100 %
HTTPS

70 %
IPv6

15
Domains

23
Subdomains

23
IPs

5
Countries

1720 kB
Transfer

3903 kB
Size

9
Cookies

127 HTTP transactions
6 data transactions