urlscan.io logo urlscan.io
SecurityTrails logo

jalantikus.com Open in urlscan Pro
124.155.223.221  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://jalantikus.com/apps/download/5566/20670/
Effective URL: https://jalantikus.com/apps/download/5566/20670/undefined
Submission Tags: falconsandbox
Submission: On May 31 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 9 countries across 45 domains to perform 439 HTTP transactions. The main IP is 124.155.223.221, located in Singapore, Singapore and belongs to STARHUB-INTERNET StarHub Ltd, SG. The main domain is jalantikus.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 26th 2021. Valid for: a year.
This is the only time jalantikus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54 124.155.223.221 4657 (STARHUB-I...)
3 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
9 124.155.223.225 4657 (STARHUB-I...)
15 2a03:2880:f01... 32934 (FACEBOOK)
15 216.58.212.162 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 172.217.23.98 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 13.226.159.67 16509 (AMAZON-02)
2 23.32.243.206 16625 (AKAMAI-AS)
12 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.226.159.112 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
36 2a03:2880:f11... 32934 (FACEBOOK)
4 2600:9000:218... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
13 124.155.223.237 4657 (STARHUB-I...)
2 13.226.159.56 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
16 41 172.217.16.130 15169 (GOOGLE)
7 15 2.18.234.21 16625 (AKAMAI-AS)
6 10 185.33.220.240 29990 (ASN-APPNEX)
47 2a00:1450:400... 15169 (GOOGLE)
8 142.250.185.98 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (TURN)
2 2 37.157.3.29 198622 (ADFORM)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 69.173.144.139 26667 (RUBICONPR...)
4 4 3.126.56.137 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
6 213.254.244.11 36062 (DOUBLE-VE...)
1 142.250.186.70 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 3.124.143.99 16509 (AMAZON-02)
2 76.223.111.131 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 213.155.156.181 1299 (TELIANET ...)
1 1 185.86.137.107 201081 (SMARTADSE...)
2 2 35.156.106.231 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2 193.0.160.128 54312 (ROCKETFUEL)
1 66.155.71.150 13768 (COGECO-PEER1)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 185.29.132.144 30419 (MEDIAMATH...)
1 1 151.101.14.49 54113 (FASTLY)
1 1 169.50.137.190 36351 (SOFTLAYER)
2 2 213.19.147.44 3356 (LEVEL3)
8 213.254.244.17 36062 (DOUBLE-VE...)
439 49
54    124.155.223.221 (Singapore, Singapore)

ASN4657 (STARHUB-INTERNET StarHub Ltd, SG)
jalantikus.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
39    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    124.155.223.225 (Singapore, Singapore)

ASN4657 (STARHUB-INTERNET StarHub Ltd, SG)
api.jalantikus.com
15    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
scontent-frt3-2.xx.fbcdn.net
static.xx.fbcdn.net
external-frt3-2.xx.fbcdn.net
15    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
www.googleadservices.com
9    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
ampcid.google.com
2    13.226.159.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-67.dus51.r.cloudfront.net
static.hotjar.com
2    23.32.243.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-243-206.deploy.static.akamaitechnologies.com
chimpstatic.com
12    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
2    13.226.159.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-112.dus51.r.cloudfront.net
script.hotjar.com
3    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
36    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2600:9000:2182:2600:7:6b7b:1000:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdki.truepush.com
5    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
27    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
13    124.155.223.237 (Singapore, Singapore)

ASN4657 (STARHUB-INTERNET StarHub Ltd, SG)
assets.jalantikus.com
2    13.226.159.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-56.dus51.r.cloudfront.net
vars.hotjar.com
1    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frt3-1.xx.fbcdn.net
41    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
15    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
10    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
47    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
2    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
10    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2a02:26f0:10c:49e::4469 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
cdn3.doubleverify.com
6    213.254.244.11 (United States)

ASN36062 (DOUBLE-VERIFY, US)
rtb0.doubleverify.com
tps20519.doubleverify.com
tps.doubleverify.com
1    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    3.124.143.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    213.155.156.181 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
1    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    35.156.106.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-106-231.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    2a03:2880:f01c:8004:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
ad.atdmt.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
8    213.254.244.17 (United States)

ASN36062 (DOUBLE-VERIFY, US)
tps20246.doubleverify.com
tps20235.doubleverify.com
Apex Domain
Subdomains		 Transfer
81 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net
286 KB
76 jalantikus.com
jalantikus.com
api.jalantikus.com
assets.jalantikus.com
2 MB
71 googlesyndication.com
pagead2.googlesyndication.com
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com Failed
392 KB
47 2mdn.net
s0.2mdn.net
367 KB
36 facebook.com
www.facebook.com
326 KB
23 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb0.doubleverify.com
tps20519.doubleverify.com
tps.doubleverify.com
tps20246.doubleverify.com
tps20235.doubleverify.com
230 KB
15 casalemedia.com
dsum-sec.casalemedia.com
14 KB
15 google.com
adservice.google.com
ampcid.google.com
www.google.com
3 KB
10 ampproject.org
cdn.ampproject.org
200 KB
10 adnxs.com
ib.adnxs.com
10 KB
10 fbcdn.net
scontent-frt3-1.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
static.xx.fbcdn.net
external-frt3-2.xx.fbcdn.net
166 KB
10 google.de
adservice.google.de
ampcid.google.de
www.google.de
2 KB
8 googletagservices.com
www.googletagservices.com
215 KB
7 google-analytics.com
www.google-analytics.com
107 KB
6 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
124 KB
6 facebook.net
connect.facebook.net
259 KB
5 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
4 gstatic.com
fonts.gstatic.com
85 KB
4 truepush.com
sdki.truepush.com
38 KB
4 googletagmanager.com
www.googletagmanager.com
179 KB
3 googleadservices.com
www.googleadservices.com
partner.googleadservices.com
29 KB
2 rfihub.com
p.rfihub.com
a.rfihub.com
2 KB
2 advertising.com
pixel.advertising.com
932 B
2 de17a.com
d5p.de17a.com
268 B
2 ctnsnet.com
gcm.ctnsnet.com
781 B
2 adsrvr.org
match.adsrvr.org
529 B
2 w55c.net
pm.w55c.net
2 KB
2 googleapis.com
fonts.googleapis.com
1 KB
2 rubiconproject.com
pixel.rubiconproject.com
916 B
2 pubmatic.com
image6.pubmatic.com
1 KB
2 openx.net
rtb.openx.net
762 B
2 adform.net
c1.adform.net
1 KB
2 turn.com
ad.turn.com
r.turn.com
857 B
2 chimpstatic.com
chimpstatic.com
1020 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
581 B
1 1rx.io
sync.1rx.io
696 B
1 simpli.fi
um.simpli.fi
707 B
1 everesttech.net
sync-tm.everesttech.net
534 B
1 mathtag.com
sync.mathtag.com
816 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 atdmt.com
ad.atdmt.com
1 KB
1 smartadserver.com
ssbsync.smartadserver.com
456 B
1 adition.com
dsp.adfarm1.adition.com
584 B
1 createjs.com
code.createjs.com
63 KB
0 wbtrk.net Failed
um.wbtrk.net Failed
439 45
Domain Requested by
54 jalantikus.com 1 redirects jalantikus.com
47 s0.2mdn.net jalantikus.com
s0.2mdn.net
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
41 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
39 pagead2.googlesyndication.com jalantikus.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
ad.doubleclick.net
cdn.ampproject.org
36 www.facebook.com jalantikus.com
connect.facebook.net
www.facebook.com
27 tpc.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
jalantikus.com
cdn.ampproject.org
googleads.g.doubleclick.net
15 dsum-sec.casalemedia.com 7 redirects googleads.g.doubleclick.net
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.googleadservices.com
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
jalantikus.com
14 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
jalantikus.com
13 assets.jalantikus.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
10 www.google.com 2 redirects jalantikus.com
tpc.googlesyndication.com
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
9 api.jalantikus.com jalantikus.com
8 cdn.doubleverify.com b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
cdn.doubleverify.com
jalantikus.com
ad.doubleclick.net
8 googleads4.g.doubleclick.net jalantikus.com
ad.doubleclick.net
8 www.googletagservices.com jalantikus.com
pagead2.googlesyndication.com
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 connect.facebook.net jalantikus.com
connect.facebook.net
5 b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google.de jalantikus.com
4 tps20235.doubleverify.com cdn.doubleverify.com
4 tps20246.doubleverify.com cdn.doubleverify.com
4 fonts.gstatic.com fonts.googleapis.com
4 ups.analytics.yahoo.com 4 redirects
4 external-frt3-2.xx.fbcdn.net
4 sdki.truepush.com jalantikus.com
4 www.googletagmanager.com jalantikus.com
3 tps20519.doubleverify.com b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
3 static.xx.fbcdn.net www.facebook.com
3 stats.g.doubleclick.net www.google-analytics.com
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 pixel.advertising.com 2 redirects
2 d5p.de17a.com b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
2 gcm.ctnsnet.com 2 redirects
2 match.adsrvr.org b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 tps.doubleverify.com cdn.doubleverify.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 pixel.rubiconproject.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 c1.adform.net 2 redirects
2 scontent-frt3-2.xx.fbcdn.net www.facebook.com
2 vars.hotjar.com static.hotjar.com
2 script.hotjar.com static.hotjar.com
2 ampcid.google.de www.google-analytics.com
2 ampcid.google.com www.google-analytics.com
2 chimpstatic.com jalantikus.com
2 static.hotjar.com www.googletagmanager.com
2 www.googleadservices.com www.googletagmanager.com
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.1rx.io 1 redirects
1 um.simpli.fi 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 sync.mathtag.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 pixel-sync.sitescout.com b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
1 a.rfihub.com b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
1 p.rfihub.com 1 redirects
1 ad.atdmt.com b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 cdn3.doubleverify.com cdn.doubleverify.com
1 code.createjs.com s0.2mdn.net
1 r.turn.com b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 scontent-frt3-1.xx.fbcdn.net www.facebook.com
1 partner.googleadservices.com pagead2.googlesyndication.com
0 ade.googlesyndication.com Failed
0 um.wbtrk.net Failed b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
439 74

This site contains no links.

Subject Issuer Validity Valid
jalantikus.com
Go Daddy Secure Certificate Authority - G2		 2021-01-26 -
2022-02-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
api.jalantikus.com
Go Daddy Secure Certificate Authority - G2		 2021-03-04 -
2022-04-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
wildcardsan.us15.list-manage.com
DigiCert SHA2 Secure Server CA		 2021-01-11 -
2022-01-17		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
sdki.truepush.com
Amazon		 2020-10-23 -
2021-11-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2021-05-15 -
2021-08-13		 3 months crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh

This page contains 34 frames:

Primary Page: https://jalantikus.com/apps/download/5566/20670/undefined
Frame ID: 368F281CD977FA8A13A5A9F20F7FD210
Requests: 166 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: AB8CE9ED9FA5DC59ABFFEE2F37525403
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3376685942337626&output=html&adk=1812271804&adf=3025194257&lmt=1622455606&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622455606627&bpp=2&bdt=1040&idt=73&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2751992840418&frm=20&pv=2&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744333&oid=3&pvsid=2864632461296345&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=98
Frame ID: A2D6A40E7AEF532EB01313989E2DF8E4
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 30F7F24B1C10BB3263D510C146D3B3B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: BD623D4A20E047FA1A40B871FECF92DB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8500CC822C2FC0C7986540A2C98C8066
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Frame ID: 5A780045079D11643AC9018935DBB3D5
Requests: 44 HTTP requests in this frame

Frame: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D9605B67DF1504BFD5FCF7C7725C8EBD
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COfuLhDXqUoYxJLfqAEwAQ&v=APEucNXEjkurnFEAe0kiNmUi-klkFrj-ucl6HdKZK99fY9qNhsuDdGHdNGezEUleQHWhLBatj1WUcMT9vUTgJ5w3WDBLvHvPm7wCjeP0iony12NeUtjaISm1PTrYXvpbfpK5k7F5GLQZG4J7BdYm7vgCALfwtB3eZrtoFDN7BXrMoumz1SJGyS4
Frame ID: DEDEFD79C0045EC4EE6D09AE9D301D6C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 42E055078E5057200BE0AB21930CC38A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9DE52568E4616F51E09F75E4670408DA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
Frame ID: 099DFBB1EBCE311637F4CCE3A6C1FD4D
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Frame ID: D3FB49408F1C762AF482310013B5E97F
Requests: 19 HTTP requests in this frame

Frame: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4CF29C8A4882922242FC4111778DECDE
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGvPCZATAB&v=APEucNV2uAdUCsux1HLGJTECq_wfmNnQBmkkNy60Mzzjr07IaTxv1YFdj6AwVBzYdVrQqDYVn5epCaWIts3AbRkCTN4bv0oRV5LQwhLOA-46Wts2lxZcHhFSz60HP5IjadQil02b7gnhuWU6Mx8eDccxUoHxSLc35BRCikF8TYQs3-O3luLHMYE
Frame ID: 9A37A77BFBA15C87C51F6C826435D8F7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3478F6B06818ECAA1DE33D0F392F242D
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 2C857DC5B2CF82F23B5452F6852D04FB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 1F4F250DB8DD66E46B7B06A1B437A804
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD2F3D82DAE53EF4437B233C4EA1E440
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1389.js
Frame ID: B35A4BD130B2DF0C3DF7D4D829601A1F
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9CC6092E343CF7F3B2CBBEA031A4D75A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Frame ID: 2977B51C3DD2F019378AB85BF702ADB5
Requests: 15 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1389.js
Frame ID: 5D2C03F68F98B3659A08180CAE35B281
Requests: 6 HTTP requests in this frame

Frame: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 20A4EC0A369750589CE42CA5D44E2F62
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCnDRCp1DwYr4XqqwEwAQ&v=APEucNX0UDUltbAemswR0vfS-9PswORehBod_1psXjYJPrcry1Qv59cXMoJamj2o4STqqPb3Mo_prryFUaO6cDVh-cqHWVr8PG66LAeucSrQdemJQlehn0Mj6gaqxWR53SAxc3Blhzd4tho-K_u5eSOjR1JALK_RA92zpcfp8t-ya8MdHSkrdZ4
Frame ID: 2677138A472EEA4CABDAAEB86967DEC5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88EAFF23C4585642F15FD835529D3B1F
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Frame ID: FCBCB107EAF15A5A4510827B54BFFD77
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F9F47900738BDEB9D383998630F8465
Requests: 3 HTTP requests in this frame

Frame: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D926FFD038509C3A116637D7DEC5C5B0
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3FiQEQ27r1AhjzjJ-oATAB&v=APEucNVyhT7u72w8EFRgdw92Jj5CjgIz73y1l6__l2dk72_Lro5_s7bK0p1qKFpSUyewbAxCy4ZsxfkZ4rUiq4eH1OHre2jXDfbhHZiOKLHHWQ16hiT6QJ-HukUnLInBkN1EHRfeI7ugiR47b7xFq2Aysg2n8KuOIrpT19R6t0x17InLryLDGEM
Frame ID: 2DD968D1319761BE708ABBBAD3065378
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 389609B6B300C9664249B288CDA3FA66
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 46CB431756666E0E9801535CB2D58353
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10008955/1620373602480/index.html
Frame ID: 7B97A804DB3479DBC9EE53C8EA2EEAB2
Requests: 10 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: ED4777D07A1148650CC202EDCAE12C75
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://jalantikus.com/apps/download/5566/20670/ HTTP 301
    https://jalantikus.com/apps/download/5566/20670/ Page URL
  2. https://jalantikus.com/apps/download/5566/20670/undefined Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

439
Requests

97 %
HTTPS

46 %
IPv6

45
Domains

74
Subdomains

49
IPs

9
Countries

4988 kB
Transfer

13305 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jalantikus.com/apps/download/5566/20670/ HTTP 301
    https://jalantikus.com/apps/download/5566/20670/ Page URL
  2. https://jalantikus.com/apps/download/5566/20670/undefined Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://jalantikus.com/apps/download/5566/20670/ HTTP 301
  • https://jalantikus.com/apps/download/5566/20670/
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB3KDLCperJou_t2HqoaJro&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB3KDLCperJou_t2HqoaJro&google_cver=1&C=1
Request Chain 159
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLS1PCs5ylEVKDnJaeWOzAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED05gIJlJqWHGjFt5R0WLvI&google_cver=1
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGR6kA_rjVYlTtaSGl0iZdM&google_cver=1
Request Chain 161
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODY5OTk4ODA3OTU4ODAwMA%3D%3D
Request Chain 171
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAsGhM1fe-7XazsCqe-rIpM&google_cver=1&google_push=AQvitUKKPuHEQG1Ao635ABpNJnBjrPjGMEg1L64xcIHIaAzVFEotCoQhgvTwk6cbDOPnHh91xIymYaEsln0ykZBQNhwJGhZFpDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUyNTk0OTI1Mzg5NzkxMTI4MA== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAsGhM1fe-7XazsCqe-rIpM&google_cver=1
Request Chain 173
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMc4wg4OTdkgJ4AmoUOafuA&google_cver=1&google_push=AQvitUIy5I53rKYE86v6WzNHJ6-Ixu7LIjU5g1BSVdflTzpsLeJxq599gI2phJjRZSz_rjb5LmdWlpTtjl9-MvcQ_gf-vDZ0Rg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMc4wg4OTdkgJ4AmoUOafuA&google_cver=1&google_push=AQvitUIy5I53rKYE86v6WzNHJ6-Ixu7LIjU5g1BSVdflTzpsLeJxq599gI2phJjRZSz_rjb5LmdWlpTtjl9-MvcQ_gf-vDZ0Rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyOTU2NTc0OTgxNjk2MDQ4Mg&google_push=AQvitUIy5I53rKYE86v6WzNHJ6-Ixu7LIjU5g1BSVdflTzpsLeJxq599gI2phJjRZSz_rjb5LmdWlpTtjl9-MvcQ_gf-vDZ0Rg
Request Chain 174
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKEe1g6XqVXEyjmeEWbrmHs&google_cver=1&google_push=AQvitULS6N2ESmdEijciDKzGhQBXBjTY_1MqlkS3EZFnQeFPOq05DmEw2kqzeIpLiTI11A_eKVmbnJMEIl7k5DAvZVrRE7SUaLc HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKEe1g6XqVXEyjmeEWbrmHs&google_cver=1&google_push=AQvitULS6N2ESmdEijciDKzGhQBXBjTY_1MqlkS3EZFnQeFPOq05DmEw2kqzeIpLiTI11A_eKVmbnJMEIl7k5DAvZVrRE7SUaLc&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULS6N2ESmdEijciDKzGhQBXBjTY_1MqlkS3EZFnQeFPOq05DmEw2kqzeIpLiTI11A_eKVmbnJMEIl7k5DAvZVrRE7SUaLc&google_hm=_H89-hGEzQYcKSkSkfFQnQ==
Request Chain 175
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFi1Izpy2PXbqVx8zLn8Pf0&google_cver=1&google_push=AQvitUI8NE5EKZB_6h7BXguUBScFsmsPQoH4qCtxn7Vq4nAZSa22lXUmsZtMLzgyBfPF-6mzDH9JvkedeQhIWpw5QuTl5aPM5g HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFi1Izpy2PXbqVx8zLn8Pf0&google_cver=1&google_push=AQvitUI8NE5EKZB_6h7BXguUBScFsmsPQoH4qCtxn7Vq4nAZSa22lXUmsZtMLzgyBfPF-6mzDH9JvkedeQhIWpw5QuTl5aPM5g&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0iCFTQDxRPKsZdeoOIH0nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI8NE5EKZB_6h7BXguUBScFsmsPQoH4qCtxn7Vq4nAZSa22lXUmsZtMLzgyBfPF-6mzDH9JvkedeQhIWpw5QuTl5aPM5g
Request Chain 176
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMcHqMJcbxarpCtYf9OBmEs&google_cver=1&google_push=AQvitUJJN_3EclApdrrcys9au2FhqOCJIsWR6tsSC1ypoLzoXUlveJdr4g_MqjSV9eicIdmEyO5jJYo48A4TXtTxZ2HDwQOq9JA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BDRzZJVzUtMVItRlI1Sw==&google_push=AQvitUJJN_3EclApdrrcys9au2FhqOCJIsWR6tsSC1ypoLzoXUlveJdr4g_MqjSV9eicIdmEyO5jJYo48A4TXtTxZ2HDwQOq9JA
Request Chain 177
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED9e6nCMTxvKV9rToE4jj4E&google_cver=1&google_push=AQvitUJCB8gnQ7jAqmpWYZRsFFxUKvGz0WNUvbdLV13jsBMpILNyPVUdJnOkBRksOp6AZeBCi6FLhzfSDLuM3V8KURrTBn8tiYE HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED9e6nCMTxvKV9rToE4jj4E&google_cver=1&google_push=AQvitUJCB8gnQ7jAqmpWYZRsFFxUKvGz0WNUvbdLV13jsBMpILNyPVUdJnOkBRksOp6AZeBCi6FLhzfSDLuM3V8KURrTBn8tiYE&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mbFhOX1dORTJ1SFpQTnhRdGtxc2w4eG9mcVNGbzVQRX5B&google_push=AQvitUJCB8gnQ7jAqmpWYZRsFFxUKvGz0WNUvbdLV13jsBMpILNyPVUdJnOkBRksOp6AZeBCi6FLhzfSDLuM3V8KURrTBn8tiYE
Request Chain 199
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiR9ttVM7w08sPMWglkjRo&google_cver=1
Request Chain 229
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLS1PJNteg5au2BxtgabywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiR9ttVM7w08sPMWglkjRo&google_cver=1
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBO-QvA5AFHvN-2wZqHvufg&google_cver=1
Request Chain 231
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODY5OTk4ODA3OTU4ODAwMA%3D%3D
Request Chain 272
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 274
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP7aiFmZTsoTv7j9gb4M71M&google_cver=1&google_push=AQvitUJXGTN3jW8tYG_m1b6xwdvzp4Kmdbh5O1a_Y8W82TSXJA1BCwlAxgnR0AElusV5eSk-ivPmvXOgm_5J7ozvmQIxv84i9x8 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP7aiFmZTsoTv7j9gb4M71M&google_cver=1&google_push=AQvitUJXGTN3jW8tYG_m1b6xwdvzp4Kmdbh5O1a_Y8W82TSXJA1BCwlAxgnR0AElusV5eSk-ivPmvXOgm_5J7ozvmQIxv84i9x8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Rkk1TWpJSGkxTE5FT1c1&google_gid=CAESEP7aiFmZTsoTv7j9gb4M71M&google_cver=1&google_push=AQvitUJXGTN3jW8tYG_m1b6xwdvzp4Kmdbh5O1a_Y8W82TSXJA1BCwlAxgnR0AElusV5eSk-ivPmvXOgm_5J7ozvmQIxv84i9x8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Rkk1TWpJSGkxTE5FT1c1&google_gid=CAESEP7aiFmZTsoTv7j9gb4M71M&google_cver=1&google_push=AQvitUJXGTN3jW8tYG_m1b6xwdvzp4Kmdbh5O1a_Y8W82TSXJA1BCwlAxgnR0AElusV5eSk-ivPmvXOgm_5J7ozvmQIxv84i9x8&google_tc=
Request Chain 276
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL46k35Kx0kd6ns7_EWQuL0&google_cver=1&google_push=AQvitUJ9g76cdxKTyydrsy_8M9yu4Qi6MIUKk80NaZRKXc4LDv0tBh9rMfajhv4V-xrsCT6xHNjztxncX_JIaanDhhns2tGu5Irr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJ9g76cdxKTyydrsy_8M9yu4Qi6MIUKk80NaZRKXc4LDv0tBh9rMfajhv4V-xrsCT6xHNjztxncX_JIaanDhhns2tGu5Irr&google_hm=cyyRo_LbS9qNO2m-1lgvOnQ
Request Chain 277
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENiaRqO_9YvzbWuvoQKQlx4&google_cver=1&google_push=AQvitUJBcs8iAKFFHVekyp0Ct7tGoV8BqEvFysdHy0XXUu3DJmUP8ElBXQ2o00xZMcB9nlIxyl7bmJUI-rLN1BYRPwRORcNui67O HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODM5Mzc5NzA2OTQzNzA3NQ%3D%3D&google_push=AQvitUJBcs8iAKFFHVekyp0Ct7tGoV8BqEvFysdHy0XXUu3DJmUP8ElBXQ2o00xZMcB9nlIxyl7bmJUI-rLN1BYRPwRORcNui67O
Request Chain 279
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMuViPQLvfWWk8v8My9gFyc&google_cver=1&google_push=AQvitUK6aCi_p8ZHjfgDcnagwjg_repgD_IPLHf_aY8ouAhyw-_CSAz1aeqm_k9pRyUyzNsd3ddUhXmHML7aJWk_8nqa3zOTd8o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUK6aCi_p8ZHjfgDcnagwjg_repgD_IPLHf_aY8ouAhyw-_CSAz1aeqm_k9pRyUyzNsd3ddUhXmHML7aJWk_8nqa3zOTd8o&google_hm=ODQxMzk0NDYwMDY3OTk5NzA1NA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUK6aCi_p8ZHjfgDcnagwjg_repgD_IPLHf_aY8ouAhyw-_CSAz1aeqm_k9pRyUyzNsd3ddUhXmHML7aJWk_8nqa3zOTd8o&google_hm=ODQxMzk0NDYwMDY3OTk5NzA1NA%3D%3D&google_tc=
Request Chain 280
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOIAHRsMlON-i2px090rof4&google_cver=1&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80GS7CGVvqbnebmOY2-mYgfv04cMSyX8CDcxPuGdSpn38D6_ HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOIAHRsMlON-i2px090rof4&google_cver=1&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80GS7CGVvqbnebmOY2-mYgfv04cMSyX8CDcxPuGdSpn38D6_&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOIAHRsMlON-i2px090rof4&google_cver=1&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80GS7CGVvqbnebmOY2-mYgfv04cMSyX8CDcxPuGdSpn38D6_&apid=UPecd903cb-c1f7-11eb-b282-021b3365823a HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOIAHRsMlON-i2px090rof4&google_cver=1&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80GS7CGVvqbnebmOY2-mYgfv04cMSyX8CDcxPuGdSpn38D6_&apid=UPecd903cb-c1f7-11eb-b282-021b3365823a&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlY2Q5MDNjYi1jMWY3LTExZWItYjI4Mi0wMjFiMzM2NTgyM2E%3D&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80GS7CGVvqbnebmOY2-mYgfv04cMSyX8CDcxPuGdSpn38D6_
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR7ciRBSwohSbJQZgkDh5M&google_cver=1
Request Chain 293
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLS1PiTCvhLrCmMPn1zpYgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR7ciRBSwohSbJQZgkDh5M&google_cver=1
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMJNSaDa6C14SwkAZyEi2AE&google_cver=1
Request Chain 295
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxNDk0MDM4MTUzNzY3NTMzNQ%3D%3D
Request Chain 306
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEPNzOKxc8T7sHfyarvuVDvg&google_cver=1&google_push=AQvitUI1wEOFIfS-lnlhXesybky-ySDPwXKgbcWiKeeIl1X7HUZRu0Dw2ovhPBt_NJnE1kvsJot9-Bq_q0QH6W-eIloHxWaCh6M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUI1wEOFIfS-lnlhXesybky-ySDPwXKgbcWiKeeIl1X7HUZRu0Dw2ovhPBt_NJnE1kvsJot9-Bq_q0QH6W-eIloHxWaCh6M&google_hm=Njg1NDk4ODA3ODI4NjEyMTc5NQ== HTTP 302
  • https://a.rfihub.com/cm?pub=445&google_error=5
Request Chain 308
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAGLTuGogrIof-a7WAY9gLg&google_cver=1&google_push=AQvitULFFs9Vmm90Lxz1XL4IaHBnZessPnu2WxUladQE5xvIkFxTe0xxgMHybDJloOZXfGq4ekQL7nZBxVf1x3VarrIWaW0IuQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULFFs9Vmm90Lxz1XL4IaHBnZessPnu2WxUladQE5xvIkFxTe0xxgMHybDJloOZXfGq4ekQL7nZBxVf1x3VarrIWaW0IuQ&google_hm=Htd6Uv3XR3GrLkczGc34uHQ
Request Chain 309
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBR_P61oE3MKNmWWLy169fE&google_cver=1&google_push=AQvitUK0fCwx9p_h-R5r8NOaKB6KTzstG-1SqKScWa9IEnC0q5MxsiLeFD5TrV74qvVMGcZqcR9983EPg9pRWAUy3bOizr4sU1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUK0fCwx9p_h-R5r8NOaKB6KTzstG-1SqKScWa9IEnC0q5MxsiLeFD5TrV74qvVMGcZqcR9983EPg9pRWAUy3bOizr4sU1s&google_hm=NTAyNzUxNzkyNjI5OTQ0Mzk4Nw%3D%3D
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJNRnTPoJbX2h-OIVjLwJI&google_cver=1
Request Chain 346
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLS1PiTCvhLrCmMPn1zpYgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJNRnTPoJbX2h-OIVjLwJI&google_cver=1
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEB0OEth61LVYVB4epx4e4fo&google_cver=1
Request Chain 348
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxNDk0MDM4MTUzNzY3NTMzNQ%3D%3D
Request Chain 358
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEADR4byjDX26nbXQK7ygzbY&google_cver=1&google_push=AQvitUIX37o2RyqOdcXemilAXo0RsW1M7I5osZhZVP7mYP2B4uPaKRaddazU2TNY2JHPMXwX4Iqd007VVZBgM1NkrqLBaZTJRRA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIX37o2RyqOdcXemilAXo0RsW1M7I5osZhZVP7mYP2B4uPaKRaddazU2TNY2JHPMXwX4Iqd007VVZBgM1NkrqLBaZTJRRA
Request Chain 359
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAHtTZW606n8thmzdr-x__I&google_cver=1&google_push=AQvitUKnR2rCHVawZm0d1ZM0ghTdClE9fx4kHSRAP7hR_p7Qam-i7_Xt_Bsg9avd837-Crarp5T3Tua4cuKwR0S0MkyRIGs4PDQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAHtTZW606n8thmzdr-x__I&google_push=AQvitUKnR2rCHVawZm0d1ZM0ghTdClE9fx4kHSRAP7hR_p7Qam-i7_Xt_Bsg9avd837-Crarp5T3Tua4cuKwR0S0MkyRIGs4PDQ
Request Chain 360
  • https://um.simpli.fi/gp_match?google_gid=CAESEHeuhTHRfmUqIo6yfxfyJ38&google_cver=1&google_push=AQvitUKuuW3yz4VQY8daeB26KQbGw-tImHH3wQh_Hg0WQZpljCvMlQV5eFMaBMX22RCgdgVg6w6C-Q0uzlZuYFyp7SohCUoHvsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DA6C293192104C1EA7152C517C6CA8C7&google_push=AQvitUKuuW3yz4VQY8daeB26KQbGw-tImHH3wQh_Hg0WQZpljCvMlQV5eFMaBMX22RCgdgVg6w6C-Q0uzlZuYFyp7SohCUoHvsA
Request Chain 363
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECFPQzqXxxx9v8lT-BvVqvI&google_cver=1&google_push=AQvitUJax78hSd_5YYCq65Fw_ogQFAoBszqsxxRO6lgRk1jEUJ5LDyrHvwWIfRAs_goDVvoLuLMoX9nS9wlW-gUvXkQzlrZMtNA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BDRzZMMkEtTi0xVjNC&google_push=AQvitUJax78hSd_5YYCq65Fw_ogQFAoBszqsxxRO6lgRk1jEUJ5LDyrHvwWIfRAs_goDVvoLuLMoX9nS9wlW-gUvXkQzlrZMtNA
Request Chain 364
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPjDIo6pDeRplFF2Bf0-N-w&google_cver=1&google_push=AQvitULWmDwSofcwB8SjDGT9yUYlowaLUQlSuNPTvkWadpP2qKkoXcXZTsKk0t1BOFDJcT4Lu7UUR2kkU4WQ881lMAo8y2jhf5w HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-60b7fee6-0736-4c2e-bc65-a80b61d1b828-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitULWmDwSofcwB8SjDGT9yUYlowaLUQlSuNPTvkWadpP2qKkoXcXZTsKk0t1BOFDJcT4Lu7UUR2kkU4WQ881lMAo8y2jhf5w%26google_hm%3DA2C3_uYHNkwuvGWoC2HRuCg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULWmDwSofcwB8SjDGT9yUYlowaLUQlSuNPTvkWadpP2qKkoXcXZTsKk0t1BOFDJcT4Lu7UUR2kkU4WQ881lMAo8y2jhf5w&google_hm=A2C3_uYHNkwuvGWoC2HRuCg

439 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
jalantikus.com/apps/download/5566/20670/
Redirect Chain
  • http://jalantikus.com/apps/download/5566/20670/
  • https://jalantikus.com/apps/download/5566/20670/
231 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
90b967ef19bddd6abd96f01b96aba93d3a8ea70ea66bf26c1fe5edefe36750bf
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Host
jalantikus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 31 May 2021 10:04:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Express
Set-Cookie
valid_until=1622466279; Domain=.jalantikus.com; Path=/; Expires=Mon, 31 May 2021 13:04:39 GMT access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY; Domain=.jalantikus.com; Path=/; Expires=Mon, 31 May 2021 13:04:39 GMT
ETag
W/"39c30-FZGfoUjaCYx5p0nCiT4dIAXrD+8"
X-Backend-Server
mgp-jt-front
X-Real-IP
37.120.211.116
X-Scheme
https
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
*
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 31 May 2021 10:04:38 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://jalantikus.com/apps/download/5566/20670/
X-Backend-Server
mgp-jt-front
vendor.2ea448fd.chunk.js
jalantikus.com/assets/ 		548 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/vendor.2ea448fd.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
7033c1ee58c73352f6544bbcb2f559e9cabaaa8cbd19142a76a9ecf1848aaab5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"88ff9-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
tips.12c70b15.chunk.js
jalantikus.com/assets/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/tips.12c70b15.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
21aa4eced80e82bc20d3ed73cc2fdae4e61cf55a1c34182bb874b81e8317890e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"1f57-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
client.dd818d4d.js
jalantikus.com/assets/ 		440 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/client.dd818d4d.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
cd12aa5462f9fbcc60d144b717feddff6be69fab664ff5799a9969be95a3911c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"6dee5-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"888 / 181 of 1000 / last-modified: 1622153345"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21426
x-xss-protection
0
expires
Mon, 31 May 2021 10:06:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48356
x-xss-protection
0
server
cafe
etag
3890051329819667200
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 10:06:46 GMT
georgy-scripts.js
jalantikus.com/assets/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/scripts/georgy-scripts.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
1cf506fd3fca5e0656599921ed51776a1aa32723e4b008c57981e82c365f6cb0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"27e6-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
js
www.googletagmanager.com/gtag/ 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-793174195
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
221451771e88bdf75991de0306dece6e1c4ac3c2f88c30a57f7b26eb287c49d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34514
x-xss-protection
0
last-modified
Mon, 31 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 May 2021 10:06:46 GMT
jquery.min.js
jalantikus.com/assets/scripts/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/scripts/jquery.min.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"15282-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
lazysizes.min.js
jalantikus.com/assets/scripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/scripts/lazysizes.min.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"1c43-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
jt-lib
api.jalantikus.com/v1/script/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/script/jt-lib
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
46b610a9f8ecb8423642a7dfbd92f0069cf143e4b28c3d0c0e8dcbda9a79724d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
X-Scheme
https
X-Real-IP
37.120.211.116
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Host
api1
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
truepush.min.js
jalantikus.com/assets/scripts/ 		1 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/scripts/truepush.min.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
76688317b3c3634971711154c298d9d93ab26f1e2e7d970356ce2b6fdb3fc126
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"4a2-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
quicklink.umd.js
jalantikus.com/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/scripts/quicklink.umd.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
8c69126babfad07d3771743ca0e2f574b9be1f40ac4ce6c7c3cd7a5be9cda85a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"783-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
gtm.js
www.googletagmanager.com/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WVNL8MB
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec14d7ff03d82c9844f4076d1683d35b85844914a7323552868745a0e602ed90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56956
x-xss-protection
0
last-modified
Mon, 31 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 May 2021 10:06:46 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24156
x-fb-rlafr
0
pragma
public
x-fb-debug
4ICz4pIF3WU9b1MsmAGh/070X2iMJ8tKHmXywWFvHCmHKoGkAorvKju2pPdJO1TgSjgCpSogO6eZzDyWuQpjhA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 31 May 2021 10:06:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46c299242a5d4b158b59c7eff0388a36b10765708113d616f9b3351e04d8bd68

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2ca6a79fa0a79f3547f03b20f44bd3f2ab4374f0d0f9fe623f1e5220e553cc9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		326 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cc57ae42e3e8a14147e5f7db8e40ea94783e5a838d9fdc99c8b17f2d281be6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		637 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf9d63ab70b969e2fdafdb4f8c6d5feb9432832e1d722d7285d957569327dcb1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1499f8dc5d7f95426b8fdb938fd6e1d4d956cf8f2c8acc879c8cf076013ecf07

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		598 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7efacc079a0c96b5cf539936afcd7cdc3650d0e94fa953130cfe2b3183a2479

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
9cea38da.png
jalantikus.com/assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jalantikus.com/assets/9cea38da.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
59176b1eedef6fc7abd5c3a4cecd8064709cac3e1e95c8a128fdba79badab3d8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"143a-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5178
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
337615b213a503699faef8300c56f30a4e46cfac1e3b51fc3828378f7fb61a2c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
8ee1b6db.woff2
jalantikus.com/assets/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/8ee1b6db.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
cdb5194095b67f1ac215f38b213238abe3471fec933455d60d845bb916c30b6a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:41 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"5234-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21044
1f58a3d1.woff2
jalantikus.com/assets/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/1f58a3d1.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
9cc1de1a2b2bf6a40d9a0e4d162d6bca439dad8fd6f919b0c9122438559bde70
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:41 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"5b58-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23384
019d1236.woff2
jalantikus.com/assets/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/019d1236.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
1b2a0f287979289861c6bb968278f82f5c071b68f46ef81070ecbb4e3b174a19
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:41 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"c698-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50840
ebe43af1.woff2
jalantikus.com/assets/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/ebe43af1.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
173c86431a9ae30d0874614de56116a230722f630fadbf652c209ce3dc1faaa2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"cf5c-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53084
a388c6d9.woff
jalantikus.com/assets/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/a388c6d9.woff
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
595235a7e1a5d5ba486e141c01cda5bccac787e66649e82cec5a2c9878a5e80e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/
Cookie
valid_until=1622466279; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"86b4-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34484
696041037718286
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696041037718286?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
603dd45e77d021c9f286f46775ebd1c3237ba675f908029bb50e2a147ad20ba7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
ws6xm4NuOE2c6b4w8Zb7MAd//JcRMJR5VGpSkCJywOtgDwkh4erbGta0Y/9CUXmilZxM1URHbYFi+1NpIvJQSA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 31 May 2021 10:06:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2021052401.js
securepubads.g.doubleclick.net/gpt/ 		309 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 08:37:29 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110966
x-xss-protection
0
expires
Mon, 31 May 2021 10:06:46 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3376685942337626&plah=jalantikus.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87658
x-xss-protection
0
server
cafe
etag
5316214545020586774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 10:06:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame AB8C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210524/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 22:01:17 GMT
expires
Sun, 13 Jun 2021 22:01:17 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
43529
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-793174195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
bb88444ba47283a55e6299fb840a0fbdd9bc36289015e414bfe51d517b113ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14053
x-xss-protection
0
server
cafe
etag
4209742185836358702
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 10:06:46 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVNL8MB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5994
date
Mon, 31 May 2021 08:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 31 May 2021 10:26:52 GMT
hotjar-1771071.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1771071.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVNL8MB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-67.dus51.r.cloudfront.net
Software
/
Resource Hash
584659b4657a2b055ca6360cb6429f1086a7247ef2cdcec01378f3a3b93caeae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
11
etag
W/fbfe0b92f64a609dcf4577efbbf83db8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
DUS51-C1
content-length
1923
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
x-amz-cf-id
qWxkMH6pMI_9IaymUEE5dBVKQxsZCKMjabOkqpgBaneDxFlOjHmceg==
d1f547c2d48610d1702141a08.js
chimpstatic.com/mcjs-connected/js/users/5ffec75b908e612179aa04b91/ 		50 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/5ffec75b908e612179aa04b91/d1f547c2d48610d1702141a08.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.32.243.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-243-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:46 GMT
Last-Modified
Thu, 11 Jun 2020 12:22:15 GMT
Server
AmazonS3
x-amz-request-id
42C421B07B719C09
ETag
"104d46a3208b40e8ded389332f5a78a3"
Content-Type
application/javascript
Cache-Control
max-age=227
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50
x-amz-id-2
xl9FDgyPH4YOeRz0QEfwRz0sEHV13QYMAJdPnXa/IMOdnjGJFZkjeAUqE7bntXRcChJZcNwFmXU=
Expires
Mon, 31 May 2021 10:10:33 GMT
js
www.google-analytics.com/gtm/ 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-PKJVNMN&t=gtm8&cid=1974213421.1622455607
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2465ca0a2bdf7bf188411b084d46900a7dfa349e104da0d25ea292abf1683fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35242
x-xss-protection
0
last-modified
Mon, 31 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 May 2021 10:06:46 GMT
cookie.js
partner.googleadservices.com/gampad/ 		204 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=jalantikus.com&callback=_gfp_s_&client=ca-pub-3376685942337626
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3376685942337626&plah=jalantikus.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
d8d4a28ce81fdb812a774a1ecdfed0ea43e1f5754623f0a23854e969aaceb4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&tn=DIV&id=loadingbar&cls=loadingbar&ign=false
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3376685942337626&plah=jalantikus.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3376685942337626&plah=jalantikus.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A2D6 		182 B
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3376685942337626&output=html&adk=1812271804&adf=3025194257&lmt=1622455606&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622455606627&bpp=2&bdt=1040&idt=73&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2751992840418&frm=20&pv=2&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744333&oid=3&pvsid=2864632461296345&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=98
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3376685942337626&plah=jalantikus.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bb0b8d62969db7fec555e0cfdeccae993909daff5c49ac3a4b7b58e3efba08a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3376685942337626&output=html&adk=1812271804&adf=3025194257&lmt=1622455606&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622455606627&bpp=2&bdt=1040&idt=73&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2751992840418&frm=20&pv=2&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744333&oid=3&pvsid=2864632461296345&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=98
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 31 May 2021 10:06:46 GMT
server
cafe
content-length
95
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 31-May-2021 10:21:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 31 May 2021 10:06:46 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3376685942337626&plah=jalantikus.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Mon, 31 May 2021 10:06:46 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
publisher:getClientId
ampcid.google.de/v1/ 		3 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=974115014&t=pageview&_s=1&dl=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&ul=en-us&de=UTF-8&dt=Halaman%20Download%20Open%20Broadcaster%20Software%20Studio%20(OBS)%2024.0.3%20%7C%20Jalantikus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAQCAC~&jid=1725932835&gjid=413683886&cid=1974213421.1622455607&tid=UA-56475281-2&_gid=748956496.1622455607&_r=1&gtm=2wg5q1WVNL8MB&cm1=1&z=842374524
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.5a9f57d95ecbb1bf1965.js
script.hotjar.com/ 		219 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5a9f57d95ecbb1bf1965.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1771071.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-112.dus51.r.cloudfront.net
Software
/
Resource Hash
2aaca02e26a6a0624f18176555865824e1adda828dd4e279b041f5d86fcbd897
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 14:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
589901
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
58986
access-control-allow-origin
*
last-modified
Mon, 24 May 2021 14:15:04 GMT
etag
"5ceb8315474bd4c418f908d57285720a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
RafC99fnx4XDjz0K7DMhHTAtIo9MBsi61MGYGuoghgeFgmUSyJmMJA==
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-56475281-2&cid=1974213421.1622455607&jid=1725932835&gjid=413683886&_gid=748956496.1622455607&_u=aGDAAEACQAQCAC~&z=1631078462
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 31 May 2021 10:06:46 GMT
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/793174195/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/793174195/?random=1622455606851&cv=9&fst=1622455606851&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&tiba=Halaman%20Download%20Open%20Broadcaster%20Software%20Studio%20(OBS)%2024.0.3%20%7C%20Jalantikus&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d12f11ecff0846a9d52ffb877456b3c9c11c8ea2cec42e3c0a8b958c63196f3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1093
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-56475281-2&cid=1974213421.1622455607&jid=1725932835&_u=aGDAAEACQAQCAC~&z=1650478135
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-56475281-2&cid=1974213421.1622455607&jid=1725932835&_u=aGDAAEACQAQCAC~&z=1650478135
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/793174195/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/793174195/?random=1622455606851&cv=9&fst=1622455200000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&tiba=Halaman%20Download%20Open%20Broadcaster%20Software%20Studio%20(OBS)%2024.0.3%20%7C%20Jalantikus&async=1&fmt=3&is_vtc=1&random=3108006374&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/793174195/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/793174195/?random=1622455606851&cv=9&fst=1622455200000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&tiba=Halaman%20Download%20Open%20Broadcaster%20Software%20Studio%20(OBS)%2024.0.3%20%7C%20Jalantikus&async=1&fmt=3&is_vtc=1&random=3108006374&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696041037718286&ev=PageView&dl=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&rl=&if=false&ts=1622455607065&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622455607064.1912679014&it=1622455606608&coo=false&exp=l1&rqm=GET
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 31 May 2021 10:06:47 GMT
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryek1L2kjGtaLJOgRE

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 31 May 2021 10:06:47 GMT
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
cat~5d36dde6.1825a755.chunk.js
jalantikus.com/assets/default~about~activation~apps~artikel~contact~daftar~eula~facebook~faq~gadgets~games~gokil~gokil/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~about~activation~apps~artikel~contact~daftar~eula~facebook~faq~gadgets~games~gokil~gokil/cat~5d36dde6.1825a755.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
228eaf7ac0921f083a802e6f75bcc18075a961ee7400cb343bf150376fd737ef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"fd52-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
:category~ha~eb876783.bc2c4d6b.chunk.js
jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/ 		115 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/:category~ha~eb876783.bc2c4d6b.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
b35ced4ee2b9a3b93761efe1a6fb27aca094b205b00815104f7c912eb9408a46
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"1cac6-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
:category~handler~news~prev~45a6da0e.c9dcca36.chunk.js
jalantikus.com/assets/default~apps~artikel~contact~eula~faq~gadgets~games~gokil~gokil/category/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~artikel~contact~eula~faq~gadgets~games~gokil~gokil/category/:category~handler~news~prev~45a6da0e.c9dcca36.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
1194561301c1f1ae611c2d2adb63bf1d3c6e4e6fa6fddafd0977834027ce6155
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"e95a-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
default~apps~contact~eula~facebook~faq~gadgets~games~gokil~handler~preview~privacy~tips~user.50826d96.chunk.js
jalantikus.com/assets/ 		40 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~contact~eula~facebook~faq~gadgets~games~gokil~handler~preview~privacy~tips~user.50826d96.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
f8a00dfda0cef8be30c636c39e6a48651788087390ad903a8fac6b29ebd4ab70
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"9ed2-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
:category~handler~home~news~search~tips~user.b5ffc945.chunk.js
jalantikus.com/assets/default~apps~artikel~gadgets~games~gokil~gokil/category/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~artikel~gadgets~games~gokil~gokil/category/:category~handler~home~news~search~tips~user.b5ffc945.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
b1e76b5be2d73eca22ad11ebe8d7300cdd7b9f07ca86d238df6923f1f861007d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"4db0-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
:category~home~news~search~tips.e547c5dc.chunk.js
jalantikus.com/assets/default~apps~artikel~facebook~gadgets~games~gokil~gokil/category/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~artikel~facebook~gadgets~games~gokil~gokil/category/:category~home~news~search~tips.e547c5dc.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
e98f5b6d6dc680a4ce82cad16158580f79b6cb9b08af0857a3d70793ba37bc62
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"5657-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
:category~news~tips~user.f9d4ab84.chunk.js
jalantikus.com/assets/default~apps~artikel~gadgets~games~gokil~gokil/category/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~artikel~gadgets~games~gokil~gokil/category/:category~news~tips~user.f9d4ab84.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
8d899fc968449336530c3a3acee69d1375f73ff015abdac04832c0566bfaa996
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"4ff5-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
default~apps~facebook~gadgets~games~gokil~preview~tips.ad180e45.chunk.js
jalantikus.com/assets/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~facebook~gadgets~games~gokil~preview~tips.ad180e45.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
6d8cd0dfd5d387409a996af662ec466d60d3e68130bad37f4d6516d74fd128a0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"794b-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
default~apps~gadgets~games~gokil~preview~tips.48f7f4ce.chunk.js
jalantikus.com/assets/ 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~gadgets~games~gokil~preview~tips.48f7f4ce.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
72052062883433089a1f83541b9ac5a34031cee1bcb1dc27d0aadf57ea34e174
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"1ce4f-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
default~apps~gadgets~games~gokil~tips.f9466949.chunk.js
jalantikus.com/assets/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~gadgets~games~gokil~tips.f9466949.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
6d722e0fd0a55fdce5349b24c7c7b894058b2f4ded1e55de380cb84da8f7a561
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"5229-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
default~apps~games~gokil~tips.5e1393e2.chunk.js
jalantikus.com/assets/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~games~gokil~tips.5e1393e2.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
23f0aae35c94a69857003dd81fefd28754fa250a71ab0a1b03bf50005261aa84
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"2d7d-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
default~apps~facebook~games.eb535630.chunk.js
jalantikus.com/assets/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~facebook~games.eb535630.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
d04b0ed757cc19dbe7aae9f7b3146625479776888fde5ddac26df2fa3388ad01
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"c3d0-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
default~apps~games.0954fd43.chunk.js
jalantikus.com/assets/ 		140 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~apps~games.0954fd43.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
ff8aaa7ccf820d6062536b13b3be3fe432b46d9b4b8e0cd79856b1b631d211df
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"22f03-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
apps.130816b4.chunk.js
jalantikus.com/assets/ 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/apps.130816b4.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
237cd96b4985aa1ba2dda2a8d654f210c00d0a6d011e39fee12f25e51208ea67
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"80ad-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
20670
api.jalantikus.com/v1/content/app/apps/detail/5566/version/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/content/app/apps/detail/5566/version/20670?download&access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0NzksImdlbmVyYXRlZF9taWNybyI6IjAuOTg0NTU4MDAgMTYyMjQ1NTQ3OSIsInZhbGlkX3VudGlsIjoxNjIyNDY2Mjc5fQ.8m0B66XGHRLZO-zwkFUM0EIVJHLMuVCmI7zLq9QgkmY&1328
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/:category~ha~eb876783.bc2c4d6b.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
64486bbff32304c96411157492cb642527e91a8e6b31c7afc22ffbc6f6b923bf
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:04:45 GMT
X-Scheme
https
X-Real-IP
37.120.211.116
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
version.json
sdki.truepush.com/sdk/ 		176 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/version.json
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/scripts/truepush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:2600:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53b432abc7b7bca1b37ea5a8eff17f1cf42c6bfee994afdac382516816eba433

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:21:52 GMT
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 13:02:02 GMT
server
AmazonS3
age
1525499
etag
"1750846158a87898512de997f08483cc"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
176
x-amz-cf-id
AqXw-7oIXpL6vCs2Bh3pReel1XRxt_X3zrQAtsOziKNpwh_eLF5tpQ==
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		445 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2864632461296345&correlator=2050297742136878&output=ldjh&impl=fif&eid=31060789%2C21064372%2C31060991&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1622455610&dt=1622455610699&dlt=1622455605587&idt=1285&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=1105&adks=4056550729&ucis=1&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=970x-1&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
9f0ebe864c7df21c17fbdddf364c37fad6d03016de0ef583fc697979b442d2d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
231
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3376685942337626&plah=jalantikus.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
923405c21e3c3d0731a0cd462e4607a85dbd8e8f92be4bfb0e1a65c9c4340c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8142
x-xss-protection
0
placeholder.png
assets.jalantikus.com/cache/0/0/site/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/cache/0/0/site/placeholder.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
1eba3346f184667c0ff98f0de88892f74ce7ca1982442d0c2944c312e4cd421e
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:15 GMT
Last-Modified
Wed, 26 May 2021 04:29:25 GMT
Server
nginx
Etag
ed706523121f57f28dc778c823272ae3
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/png
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
103.125.50.102
main.js
sdki.truepush.com/sdk/v2.0.3/ 		79 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/v2.0.3/main.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/scripts/truepush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:2600:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42e4b568436b29320d64d25114e0c6681f90282220ce6424bf116d7409397e5c

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 23:26:39 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 12:15:13 GMT
server
AmazonS3
age
729612
etag
"6369b5c5aba753aa8b3a30edadc685f9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
cache-control
max-age=864000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
18730
x-amz-cf-id
4fhLltaJb9Xk5X23ZF0tA8UHkPbdXo9mFp9IQG8CyKBFJ3-YF3fzww==
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame 30F7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1771071.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-56.dus51.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-21ccaa45726c0f3c8c458f7a87eb2298.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

content-type
text/html
content-length
1044
date
Thu, 20 May 2021 13:17:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Thu, 20 May 2021 13:16:24 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
tqafI1p5E50ibMTukaYqwJ7p4Qs4l3tlfS1V6x_ZKsoTH7pHblnbQA==
age
938985
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3376685942337626&plah=jalantikus.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 31 May 2021 10:06:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame BD62 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 31 May 2021 09:55:41 GMT
expires
Tue, 31 May 2022 09:55:41 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
669
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8500 		783 B
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
67a58352f8683d1ca5b113fbd1e03ca555aab03f04fa15c1f2a6675fa7f9ca21
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W8RRKIUf2lG5WUlI7uWMag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

expires
Mon, 31 May 2021 10:06:50 GMT
date
Mon, 31 May 2021 10:06:50 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-W8RRKIUf2lG5WUlI7uWMag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame BD62 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 06:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
100456
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Mon, 30 May 2022 06:12:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=2864632461296345&bg=!x8SlxIDNAAaMan2LjGo7ACkAdvg8WoqBr2__LFrG1XH_ZNHQmreirDtclNrqZ3mO0i123CnT4lEqhwIAAACBUgAAABBoAQcKAFzFHS9Dp1y672Oa2Co-NfZcjAfT446c6Ckc36bX22Gh1SAaMcWLPM1UZF7rvbh8t9WtFCOuoipDPJ1BWKbtTOePuzK5TofxUIMd3xsmn0-DbW-aThq7sI1kg2mClZkCV8rItrsSQbGOM1m14RbFvL_QuSEJFm8xVCSZb41dsD0nCEd8dgnoG0SthCPTkIvZ0zkf8o5CH5VNuAZgafexqs9ohXwSa1x_XeY1Kyh32gO19iTk_vESQbGxxiQZ2HAOJA6lqfKHuymDTs2QHfPWq16TvNp1fW1-nHN8s-3lBEKpLjoqJ14Y6F5JV0zNd9SleFFTHQ7netzMAcnIYNlN-OWzyvtpWD2sVdd9OfhP5GlzazF5GNZ9zDK2-C72QjBkPNnuAu3nA14WVkR-2vScvkQljQ_dFfqqdTWRScg3CCmvo2QxLOGXLLxNsFrdKbo6twjmQtoDaspy8LOqcdtWSp6tHAZbRFVtLlqgXlF3Mx0cOmiKDFA8PHEtXOQHwaSL39Kvib5jkp0wGt9LOD7N8ekuccVRNFevQqrJj9nupRY760cr0C2VwXTtQarikeJNUdZua6TxuUlz_ItpJ08vMgzHiMLQM4V-BqzlUlgz3_I4OjcKvAvPyq47nyyqsUBsAsUuebKCKlgi_x7MYlrC3NvAg9l5T8bzoCy97pItjJ0YlHtqcKdN5MM85jfVFpzlWYE4q5M-Hlo9mhQ4h8iTNuf6Oz7lP0WNAnfTW-hURHZ6fMRaMWfofGIqr9EbyzjqTTwLi7A7vDxNauT_VbJti0mdrKWLR9Xh2kTH5xTUxlNNj570lCIv46O6jd14DNPonSuTlkOgjy0RR0jesW_WbDn_Xe8a9HzvfsNS58IBj-B0mWq04JBQqdYN_ZT7Zq0OovLBJTqTDhYsjlgAPsQ_zTD3DbpbbdUu
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9cea38da.png
jalantikus.com/assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jalantikus.com/assets/9cea38da.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
59176b1eedef6fc7abd5c3a4cecd8064709cac3e1e95c8a128fdba79badab3d8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:45 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"143a-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5178
8ee1b6db.woff2
jalantikus.com/assets/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/8ee1b6db.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
cdb5194095b67f1ac215f38b213238abe3471fec933455d60d845bb916c30b6a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:45 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"5234-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21044
1f58a3d1.woff2
jalantikus.com/assets/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/1f58a3d1.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
9cc1de1a2b2bf6a40d9a0e4d162d6bca439dad8fd6f919b0c9122438559bde70
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:45 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"5b58-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23384
019d1236.woff2
jalantikus.com/assets/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/019d1236.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
1b2a0f287979289861c6bb968278f82f5c071b68f46ef81070ecbb4e3b174a19
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:45 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"c698-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50840
ebe43af1.woff2
jalantikus.com/assets/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/ebe43af1.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
173c86431a9ae30d0874614de56116a230722f630fadbf652c209ce3dc1faaa2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:46 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"cf5c-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53084
a388c6d9.woff
jalantikus.com/assets/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/a388c6d9.woff
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
595235a7e1a5d5ba486e141c01cda5bccac787e66649e82cec5a2c9878a5e80e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:45 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"86b4-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34484
data
api.jalantikus.com/v1/component/header/ 		898 B
767 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/header/data?access_token=undefined
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/:category~ha~eb876783.bc2c4d6b.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
8d5ecbf788b59458f6a4466c9885651cb08c936c6b411fd990e19fb59a01d1d0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:04:46 GMT
X-Scheme
https
X-Real-IP
37.120.211.116
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
thanks
api.jalantikus.com/v1/component/app/fetchParts/ 		2 KB
916 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/app/fetchParts/thanks?access_token=undefined
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/:category~ha~eb876783.bc2c4d6b.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
0a233fb206bbfca5c2e09ea81430af4a64e7f1fc76649859b0a49bb9cd09f447
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:04:46 GMT
X-Scheme
https
X-Real-IP
37.120.211.116
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
0
api.jalantikus.com/v1/content/app/apps/detail/5566/component/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/content/app/apps/detail/5566/component/0?access_token=undefined
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/:category~ha~eb876783.bc2c4d6b.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
97185c50da5c5ee4fcc5ec6cbd29049d4c9aa40fde32a12bf50c999b1ba6cf16
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:04:47 GMT
X-Scheme
https
X-Real-IP
37.120.211.116
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/default~apps~games.0954fd43.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
26db2891bd423c1cc00655994d7562f9a72e38ab46bbc716ff0c521339d5f73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1LmrJWqRMiuYcxXc5x5Mhg==
cross-origin-resource-policy
cross-origin
expires
Mon, 31 May 2021 10:19:00 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
IbB4tMtzicB/ewEVqbEAsP7ZZHZcubdXSg4KHw/L1ggGbyb6IsRDRXixuS6uKoiQpPeVQIORn0veyNa6CV1O/Q==
x-fb-trip-id
686109401
x-fb-content-md5
f106c640739820bd2c78b6da1ef85d0f
date
Mon, 31 May 2021 10:06:51 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d4fa4ac55a46ecb225901e56132d2417"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
ironsource
api.jalantikus.com/v1/content/app/apps/detail/5566/version/20670/ 		236 B
684 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/content/app/apps/detail/5566/version/20670/ironsource?access_token=undefined
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/:category~ha~eb876783.bc2c4d6b.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
0357a64e201bef361dcbeb405a11adf272d092b1dc1b4b7cbd1f4a1fd82e0436
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:04:46 GMT
X-Scheme
https
X-Real-IP
37.120.211.116
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
sdk.js
connect.facebook.net/en_US/ 		218 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1c28ad538bcb6a66cc1cce5c033e3659&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66c76b125fc3496d8c3682df4a2cbaedd8b20d56967923149bb31de7bd0f6ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://jalantikus.com
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
YL1LaJOTFvggllmV2G21aw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65699
x-fb-rlafr
0
x-fb-debug
FMnILvaExys+FB0wbLj6G+xlFmI1YhTf/dymdmSHCksJRI8B3t4DSds328KOszC8np4djKcmk4/Te8MSjVVryA==
x-fb-content-md5
b60fa012cf9b6a5b45616a7269a59693
x-frame-options
DENY
date
Mon, 31 May 2021 10:06:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"1f7178bfa266b59aef9b3ae7f661d872"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 31 May 2022 09:37:03 GMT
page.php
www.facebook.com/v2.10/plugins/ Frame 5A78 		58 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1c28ad538bcb6a66cc1cce5c033e3659&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
440c688ddc4c70abb9dd0380318b78e8c23d4a0cef3b2caec92bfefd1c042e66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

x-fb-rlafr
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
content-encoding
br
strict-transport-security
max-age=15552000; preload
facebook-api-version
v3.3
x-content-type-options
nosniff
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
vary
Accept-Encoding
pragma
no-cache
content-type
text/html; charset="utf-8"
x-fb-debug
pdVVygEy6NGAZGY6CAQbgt5W9fmbwgnS3J7qFEMsaq7KcnTv1NafzCzMVr6J6mNhtwbVcK0fGbbrgchVepSkng==
date
Mon, 31 May 2021 10:06:51 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
5XdCPi2qnWo.css
www.facebook.com/rsrc.php/v3/yo/l/0,cross/ Frame 5A78 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yo/l/0,cross/5XdCPi2qnWo.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a0be26a38f4c076a9bee84f35d0e96c0fd2f23cf2f10e056850249d0b678f3c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:06:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fkyVXgd9WOZ2VJ5qvU5hCg==
cross-origin-resource-policy
cross-origin
content-length
4631
x-fb-rlafr
0
x-fb-debug
5bCIeOzakiuAgpS2EAN0rI3regbw8MkFEv2QlzF1Q6oNlREOc5yvcILt2jRVWlCzKLEYKwkNQpjCtNBbi+YTyw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 30 May 2022 17:06:46 GMT
ggzcJLJkhSr.css
www.facebook.com/rsrc.php/v3/y2/l/0,cross/ Frame 5A78 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y2/l/0,cross/ggzcJLJkhSr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ywe+5CCuBA6nTAXpv0OCFQ==
cross-origin-resource-policy
cross-origin
content-length
1102
x-fb-rlafr
0
x-fb-debug
nl9zIMcqcteQnWOm3cQ7sSvnzT4T1EQ/zh1xCxE2tQPuCP1E32IlNYiD3mVPuxJmOolNmtWLYkElguw+6F0D+w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 21:31:49 GMT
xUCu69_VoIG.css
www.facebook.com/rsrc.php/v3/yf/l/0,cross/ Frame 5A78 		6 KB
911 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
db0e1623804f57a91f35c62d76eb52d079feb4116387eceec465e27a4f43989d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DP4uYwyrlqBlmKvKnnT6fQ==
cross-origin-resource-policy
cross-origin
content-length
859
x-fb-rlafr
0
x-fb-debug
5v2IgPJ251iuPH5rfEAb97Kj33dnRQ+Y6hf8I8gIM4vO9djiZNb2XvKzjM9ohYyEv6CxukIu/JVj9b+2W+9Frw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 30 May 2022 17:07:55 GMT
rRdpQF5MU4a.js
www.facebook.com/rsrc.php/v3/y2/r/ Frame 5A78 		293 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abb06a0b1c3e20d177c9487ed38d050957aff6039a3c6fa5dfe1e1b92425ec69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 01:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CVgGlvs5c6fw4bV6J57pWw==
cross-origin-resource-policy
cross-origin
content-length
81394
x-fb-rlafr
0
x-fb-debug
4ufP1wk0NFlp6brtAP7FJRBwCIocH3+8jP/DPYw8gXE/RcObvKVNxh3bm4c4vUFTHJuzXXHpIXsruRiRRJsFIg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 27 May 2022 01:07:44 GMT
l35Ih3ZMabZ.js
www.facebook.com/rsrc.php/v3/y2/r/ Frame 5A78 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y2/r/l35Ih3ZMabZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
11d3c19422f3aed2dfb0d718d09bfb98ae6611505bd3cb136ea8efeba4f5444b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 21:21:03 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
c8DhBOu83qeoHdEnVT4k2A==
cross-origin-resource-policy
cross-origin
content-length
19665
x-fb-rlafr
0
x-fb-debug
YaY1dZVvCtJhLZGPJJej7E7iDUydouUrL8LKq4h6XtbRhlW+5VNaL93aKPSuRXF2vjoLIN8qrBDJV7VS4RRsyw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 27 May 2022 21:21:03 GMT
E_Gl3BdgcOh.js
www.facebook.com/rsrc.php/v3iEpO4/yw/l/en_US/ Frame 5A78 		126 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yw/l/en_US/E_Gl3BdgcOh.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d09f54d072f2734fc8a3c27ab293e06a10f564a6ae5557d17972cf51d68e19af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 16:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
igf0WSmG2b+bEy59/WZ4bQ==
cross-origin-resource-policy
cross-origin
content-length
35958
x-fb-rlafr
0
x-fb-debug
bmAs+VP8Tm0vJzR8gJmsy5Ozc+7k31YrdItj6qGQvGJTOYBP6nUfe+UkS15Uypa33i9YSNLQhkyy18yRr3z93g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 16:53:05 GMT
Qz3JrrlIhso.js
www.facebook.com/rsrc.php/v3iLl54/yw/l/en_US/ Frame 5A78 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iLl54/yw/l/en_US/Qz3JrrlIhso.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9d82f7fa499cfcf79fb47fc1577ae16b2eb24ce1ba683735d704b4f41d5a365
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 22:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QM9fImQ5E1No6fjoVe0epg==
cross-origin-resource-policy
cross-origin
content-length
4970
x-fb-rlafr
0
x-fb-debug
fnRymR9OUoIsUjAcn3Q/j1PEGU1CXr8Mop7VfQg/wrzR7Q6R26kOZh/0X+t0Xb203qxISS3e+k1xekyC7OI2BA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 21 May 2022 22:05:20 GMT
ykbSkxJ8VJE.js
www.facebook.com/rsrc.php/v3/yA/r/ Frame 5A78 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yA/r/ykbSkxJ8VJE.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b64f5bc28886025d0249793131aab1cf4a02c6b799543e2a74bc8047ead1b41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 12:53:09 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8u6hsl3sOAhh3qFnVy4qyw==
cross-origin-resource-policy
cross-origin
content-length
3219
x-fb-rlafr
0
x-fb-debug
1SIJVIPRMYzy0DVdmt0Cd0weH/n2+0aZgca/IUzOlfwGDOKBefXbsLzYNBl4Ae82YBTS142gr4RCHP5MZy33WQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 12:53:09 GMT
vfI7Ymn7Vjm.js
www.facebook.com/rsrc.php/v3/yu/r/ Frame 5A78 		153 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yu/r/vfI7Ymn7Vjm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8f2fa3512a351635d46ea8ed645035eb1e4bdc31822f75e17e7497caf36ac395
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 21:21:03 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pTCCOfNkI9vBB/ZTw+EU0Q==
cross-origin-resource-policy
cross-origin
content-length
46176
x-fb-rlafr
0
x-fb-debug
J2K/PMTV1QDJTBTtolok+LAfb4NUFfFNQk2/uJjWmufUPlUGdaomeD4n9wgP4mWL2RR/VvTuvYuDTLpG+O2IqA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 27 May 2022 21:21:03 GMT
IEOQM8FL8ot.js
www.facebook.com/rsrc.php/v3/yr/r/ Frame 5A78 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 12:53:09 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy
cross-origin
content-length
1630
x-fb-rlafr
0
x-fb-debug
Bt26QlI9GasaUKkt4arOaxUrX/VvSAGFzMFTfsjor0IspRwKLJ3uDwyx/DAEHov1piYFk+m6Q1iUFiBMbt/oDw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 12:53:09 GMT
X0zaXtEr1Mw.js
www.facebook.com/rsrc.php/v3/yT/r/ Frame 5A78 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yT/r/X0zaXtEr1Mw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b25035aa09ac461e3e822e9206e4ae48ce81b7a2dc0062e0ca66288a1c630156
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 01:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5frdhaI2QBHURlNBgnqAfw==
cross-origin-resource-policy
cross-origin
content-length
2493
x-fb-rlafr
0
x-fb-debug
CAfYwdGVPIwep9aLMVhVpkb6f5pXEtSltbRp6CS3wtpAPa5pen6ZQ9UU17rocJlmN6bR0XR1b/kEw5m0IWqCJA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 29 May 2022 01:28:06 GMT
SohvyHf9bqU.js
www.facebook.com/rsrc.php/v3/yR/r/ Frame 5A78 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yR/r/SohvyHf9bqU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d175d400e6415cd2d5a76e744971ca96e79124b57fe873d184b93837d9dfe681
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 12:53:09 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
riaa4M39g865Cd4IB5wjSA==
cross-origin-resource-policy
cross-origin
content-length
2093
x-fb-rlafr
0
x-fb-debug
1J1lDMj/XZlK2RvzerRJfRP37+2Ki3J8Twf0svLkfQzk9ZeO4oQpPPw5n97uErvhekIuMRn1x/r6KVWVxy7jBA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 12:53:09 GMT
q3JF3hLjbAD.js
www.facebook.com/rsrc.php/v3/yc/r/ Frame 5A78 		2 KB
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yc/r/q3JF3hLjbAD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec05ca405d0d682ad632a5e8fb5a05f817734fa108f07bdbff4afaaf6c8f11b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 16:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
1ETliEs92UIU/fKzQa5sDA==
cross-origin-resource-policy
cross-origin
content-length
797
x-fb-rlafr
0
x-fb-debug
WGwBiPkCLA39xetYaOb79Ty0a9v6EalMhtY5P5aACkWuJrensz0pqCiOlbgQztVcx0MxPO7OzGvnp+PtgdH67w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 16:53:01 GMT
163608136_3817678131601601_7780712328740672292_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.6435-0/s526x296/ Frame 5A78 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.xx.fbcdn.net/v/t1.6435-0/s526x296/163608136_3817678131601601_7780712328740672292_n.jpg?_nc_cat=109&ccb=1-3&_nc_sid=dd9801&_nc_ohc=KaicXX4frTUAX85T57j&_nc_ht=scontent-frt3-1.xx&tp=7&oh=8ccb3d97a1aac0828a381980502d5432&oe=60DA55BD
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8983c51925e99fdbb858acc411d9f2322426406c4071796a4c250ded6c258da

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2148844818
date
Mon, 31 May 2021 10:06:51 GMT
x-fb-config-version-elb-prod
1116
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1116
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
16964
x-fb-trip-id
686109401
last-modified
Mon, 22 Mar 2021 02:56:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
3arDTqd7Yj7XVg9lEAXG5SP_F_cdFFLZWzXUjF6PnT-67HK5UQU3_20xYUlfEybZ3k0UYaKSwiA_2EnEjftFhQ
x-needle-checksum
4051574716
timing-allow-origin
*
15232285_1173618959340878_6310424415379257670_n.png
scontent-frt3-2.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame 5A78 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/15232285_1173618959340878_6310424415379257670_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=wGc3ajlwuZAAX8wlWv7&_nc_ht=scontent-frt3-2.xx&tp=30&oh=cbad01e91b77410b17828da439fb7d42&oe=60D94ECA
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d29f1dbc4fb51fce8983864f91c4d985575238e8f36b17a434c6ccce9fbf5c4a

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2471927707
date
Mon, 31 May 2021 10:06:51 GMT
x-fb-trip-id
686109401
last-modified
Fri, 02 Dec 2016 02:40:06 GMT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
653771775
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2707
qGoWo6gBwwP.png
www.facebook.com/rsrc.php/v3/yy/r/ Frame 5A78 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yy/r/qGoWo6gBwwP.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
oDIPjI+yG0c43HF59ujj5FVj0mkCDJiNf+/w6sNvBkWlMHWZrct2cz/PR6L4fg58PQkaBOgQ985+5INMaGbh1g==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
iN31dShDArRt9ZikrDb13w==
date
Mon, 24 May 2021 17:57:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
2616
x-fb-rlafr
0
expires
Tue, 24 May 2022 17:57:51 GMT
ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 5A78 		573 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/l/0,cross/5XdCPi2qnWo.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yo/l/0,cross/5XdCPi2qnWo.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
w/fMw0DrZxMGtf9Rccu7AJFTGyVkaSrXrJYBtFb9Rae0RW9TqOQo46iFEoGQpGDqHpN1xqeFzUfMy6Ol1QGAYg==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
Y/eW3MWFNJnkcpEqoXzG3Q==
date
Fri, 28 May 2021 23:34:54 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
573
x-fb-rlafr
0
expires
Sat, 28 May 2022 23:34:54 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 5A78 		80 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22606284726054517%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fjalantikus%22%2C%22width%22%3A500%2C%22height%22%3A250%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Fjalantikus.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKBz84e1QyUbFp62-m1FwAxu13wqovzEdEc8uwdK4o6O0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0SU2swdq0Ho2ew2MoG&__csr=&__req=1&__hs=18778.PHASED%3Aplugin_default_pkg.2.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1003879642&__s=%3A%3Aua9ryu&__hsi=6968393789536139327-0&__comet_req=0&locale=en_US&__sp=1
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yw/l/en_US/E_Gl3BdgcOh.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79ac1efa0984c94727fb6d27906e9bcae3265dfc85187f4d56323b1b9d4d6c9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
wNHjxr6nGhdgX6tnvmySgE
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
FNeN53PEEnUsdHVwnsttCAo/vbY+ZTtRXQLJK8qjhJOW7oi4Sr06lEOO9KSNNFQiBASmFlaXoa3/m7mtkpx9iA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 31 May 2021 10:06:51 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 5A78 		138 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yw/l/en_US/E_Gl3BdgcOh.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d1312d78dd7e434178dad3ad4b96e2d191351703f2c7f61662d915a54bdc4ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
wNHjxr6nGhdgX6tnvmySgE
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
+w4amTR6PALR12p0iQ7Ks8FZ+Je+PmxB3hTne75OhdrEE1FI0/Ny3VauotavHNu1jvd4gBq3yTdlKJ8ROvdB4A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 May 2021 10:06:51 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
vary
Origin, Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
NifK3RmDZV7.js
www.facebook.com/rsrc.php/v3/yj/r/ Frame 5A78 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yj/r/NifK3RmDZV7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
676b08b58a83b85d935259990e459dbb39d53b7709eecb0fa42c8c3b60d17e96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 19:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KsVcQfrhYUofIivVjpaMrQ==
cross-origin-resource-policy
cross-origin
content-length
5954
x-fb-rlafr
0
x-fb-debug
Pp4GGmB7NcJKCTJSLQqSCg/BMyXyLjDuNWFRjV1BjXb9tLhb0Zd5s+XxOgRuP6PaHeagEuzQYZ5Nr7gT0GKVsg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 27 May 2022 19:27:35 GMT
JopZtdti8dq.js
www.facebook.com/rsrc.php/v3/y_/r/ Frame 5A78 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 09:55:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy
cross-origin
content-length
2270
x-fb-rlafr
0
x-fb-debug
+4RhHmQMPN+yJcC8l20t3LFPPoKfER0WtJOka+zOWTHqVTUulEg3Z+dAh9jo2UB6a4vmIRbb2VzfxDssJ2d0UA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 30 May 2022 09:55:17 GMT
onuUJj0tCqE.png
www.facebook.com/rsrc.php/v3/y2/r/ Frame 5A78 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y2/r/onuUJj0tCqE.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/l/0,cross/5XdCPi2qnWo.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yo/l/0,cross/5XdCPi2qnWo.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
FACeH6P0MNiklgDW0xVJm8RO5BrrWXEjDTebL571A2UBYHEbrLmgJ+JFw7Ktvix4tFlGZl0zeK9oXNrGnUa7yQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
OK0dmVpVmdoMRpKMP9eDcg==
date
Sat, 29 May 2021 01:40:20 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
3944
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Sun, 29 May 2022 01:40:20 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2864632461296345&correlator=4406310716174363&output=ldjh&impl=fif&eid=31060789%2C21064372%2C31060991&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=tag_ID%3D0123%26domain_ID%3D01%26categoryID%3D0101%26jt_ads%3Dv1_300x250_desktop&eri=1&cookie=ID%3D5384c93eca468f5b-22f3560032c8004c%3AT%3D1622455610%3AS%3DALNI_MbRRLqm9ITEWO8psjFczeHBtXoN_w&bc=31&abxe=1&lmt=1622455611&dt=1622455611738&dlt=1622455605587&idt=1285&frm=20&biw=1600&bih=1200&oid=3&adxs=1055&adys=141&adks=3564718388&ucis=2&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
250cbf968b1de6a4745b709764e82a53375841570b8d009e084f42790c7a83fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9589
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2864632461296345&correlator=4406310716174363&output=ldjh&impl=fif&eid=31060789%2C21064372%2C31060991&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=tag_ID%3D0123%26domain_ID%3D01%26categoryID%3D0101%26jt_ads%3Dv1_300x250_desktop&eri=1&cookie=ID%3D5384c93eca468f5b-22f3560032c8004c%3AT%3D1622455610%3AS%3DALNI_MbRRLqm9ITEWO8psjFczeHBtXoN_w&bc=31&abxe=1&lmt=1622455611&dt=1622455611740&dlt=1622455605587&idt=1285&frm=20&biw=1600&bih=1200&oid=3&adxs=1055&adys=411&adks=400162579&ucis=3&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
eab66b99121d1f77efe0db34f5c6ce02eb3947b7af28761ec13b2f9f9ad933c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11530
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		428 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2864632461296345&correlator=4406310716174363&output=ldjh&impl=fif&eid=31060789%2C21064372%2C31060991&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=tag_ID%3D0123%26domain_ID%3D01%26categoryID%3D0101%26jt_ads%3Dv2_728x90_desktop&eri=1&cookie=ID%3D5384c93eca468f5b-22f3560032c8004c%3AT%3D1622455610%3AS%3DALNI_MbRRLqm9ITEWO8psjFczeHBtXoN_w&bc=31&abxe=1&lmt=1622455611&dt=1622455611742&dlt=1622455605587&idt=1285&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=156&adks=4055850684&ucis=4&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=false&fws=4&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
3169ea4653e42f463f679dcee776e06efc33c35227105bd24f796b6e6199412d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
222
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2864632461296345&correlator=4406310716174363&output=ldjh&impl=fif&eid=31060789%2C21064372%2C31060991&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=tag_ID%3D0123%26domain_ID%3D01%26categoryID%3D0101%26jt_ads%3Dv2_728x90_desktop&eri=1&cookie=ID%3D5384c93eca468f5b-22f3560032c8004c%3AT%3D1622455610%3AS%3DALNI_MbRRLqm9ITEWO8psjFczeHBtXoN_w&bc=31&abxe=1&lmt=1622455611&dt=1622455611743&dlt=1622455605587&idt=1285&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=276&adks=3781359460&ucis=5&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=false&fws=4&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
17ec396ddf975db57d3b15f05c3370a3225063eaea7af852933246879369ef06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12850
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		428 B
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2864632461296345&correlator=4406310716174363&output=ldjh&impl=fif&eid=31060789%2C21064372%2C31060991&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=tag_ID%3D0123%26domain_ID%3D01%26categoryID%3D0101%26jt_ads%3Dv1_728x90_desktop&eri=1&cookie=ID%3D5384c93eca468f5b-22f3560032c8004c%3AT%3D1622455610%3AS%3DALNI_MbRRLqm9ITEWO8psjFczeHBtXoN_w&bc=31&abxe=1&lmt=1622455611&dt=1622455611745&dlt=1622455605587&idt=1285&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=550&adks=1109435637&ucis=6&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=false&fws=4&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
652492fbeb7ad4c7f2cf44d4e7653debb1f2b0600d542ab92d8b7897d682ba06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
221
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2864632461296345&correlator=4406310716174363&output=ldjh&impl=fif&eid=31060789%2C21064372%2C31060991&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=tag_ID%3D0123%26domain_ID%3D01%26categoryID%3D0101%26jt_ads%3Dv1_300x250_desktop&eri=1&cookie=ID%3D5384c93eca468f5b-22f3560032c8004c%3AT%3D1622455610%3AS%3DALNI_MbRRLqm9ITEWO8psjFczeHBtXoN_w&bc=31&abxe=1&lmt=1622455611&dt=1622455611746&dlt=1622455605587&idt=1285&frm=20&biw=1600&bih=1200&oid=3&adxs=245&adys=665&adks=145010919&ucis=7&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8f197d07f0dd1f37bb818793abd3bd443f8b1e596668a2cee9c6cff535f49895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8406
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2864632461296345&correlator=4406310716174363&output=ldjh&impl=fif&eid=31060789%2C21064372%2C31060991&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=tag_ID%3D0123%26domain_ID%3D01%26categoryID%3D0101%26jt_ads%3Dv1_300x250_desktop&eri=1&cookie=ID%3D5384c93eca468f5b-22f3560032c8004c%3AT%3D1622455610%3AS%3DALNI_MbRRLqm9ITEWO8psjFczeHBtXoN_w&bc=31&abxe=1&lmt=1622455611&dt=1622455611748&dlt=1622455605587&idt=1285&frm=20&biw=1600&bih=1200&oid=3&adxs=245&adys=935&adks=2333532581&ucis=8&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
7b4eb384716e1d76a1fe9012ec485ff36dc1f1c9aa3a8db3f917924bfcfb1d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8731
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2864632461296345&correlator=4406310716174363&output=ldjh&impl=fif&eid=31060789%2C21064372%2C31060991&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=tag_ID%3D0123%26domain_ID%3D01%26categoryID%3D0101%26jt_ads%3Dv1_728x90_desktop&eri=1&cookie=ID%3D5384c93eca468f5b-22f3560032c8004c%3AT%3D1622455610%3AS%3DALNI_MbRRLqm9ITEWO8psjFczeHBtXoN_w&bc=31&abxe=1&lmt=1622455611&dt=1622455611749&dlt=1622455605587&idt=1285&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1230&adks=39845917&ucis=9&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=false&fws=4&ohw=728&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
75befd9446f7f1cd9e6b1ec31edc4848adafc960a6635339f106e2a7f5092b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12358
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		428 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2864632461296345&correlator=4406310716174363&output=ldjh&impl=fif&eid=31060789%2C21064372%2C31060991&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=tag_ID%3D0123%26domain_ID%3D01%26categoryID%3D0101%26jt_ads%3Dv1_728x90_desktop&eri=1&cookie=ID%3D5384c93eca468f5b-22f3560032c8004c%3AT%3D1622455610%3AS%3DALNI_MbRRLqm9ITEWO8psjFczeHBtXoN_w&bc=31&abxe=1&lmt=1622455611&dt=1622455611758&dlt=1622455605587&idt=1285&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1510&adks=3796193045&ucis=a&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1974213421.1622455607&ga_sid=1622455607&ga_hid=974115014&ga_fc=false&fws=4&ohw=728&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
b84539269ca2629b9be42e7835d07afa3827af813602c4c0b98fa1f2047c98b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
222
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Qqaz6RRrLjc.css
www.facebook.com/rsrc.php/v3/yp/l/0,cross/ Frame 5A78 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/Qqaz6RRrLjc.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
269d2aeb54ca71922b58ac204cd570c2aedf71eccf98ed5c2edf2cc12ba66942
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:47:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wtYCzAd1QR9K2vR9nwfZPg==
cross-origin-resource-policy
cross-origin
content-length
5264
x-fb-rlafr
0
x-fb-debug
q5Ux6189ybTBz49Dflu6SihbmH3zY6RU4SJZ03Raptg/VTcZo7AcE+kN7s3hyKFRLhfIP84RURJRWH0MVknR7w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 19 May 2022 16:47:04 GMT
8zxpfB5cm1Q.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 5A78 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/8zxpfB5cm1Q.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fa50447f38e14580ea8bd2047698d6bace11f5631ea3e5980e8a96e5ff3bef38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
RnSo9vT9RQfuWvmy4Ln0OA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
16150
x-fb-rlafr
0
x-fb-debug
0q4dHYdTwLvFd4nHMAKZNfcBgvO0/W8JCEt3wCp2Lhq4S9UktKFqhuf5XNkCp0BjtfRXKyQG0WgipY3bj1+fdA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 16:53:05 GMT
UG5hFH3OnGZ.css
www.facebook.com/rsrc.php/v3/yw/l/0,cross/ Frame 5A78 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yw/l/0,cross/UG5hFH3OnGZ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 12:53:09 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
EdrE11NR23Bfi5e1q30Fuw==
cross-origin-resource-policy
cross-origin
content-length
7078
x-fb-rlafr
0
x-fb-debug
MaqmOy/jTuCu2HbagWIwTo5XSGJDAt2Hgor3i6aVa1XqauD7ii+nYZ5TnqRcRNMJAKAoMXCWt06x/w8vAkTiuA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 12:53:09 GMT
33hb9tZ1Ds8.js
www.facebook.com/rsrc.php/v3/yu/r/ Frame 5A78 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yu/r/33hb9tZ1Ds8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
221b1459af8f41252a68775f825c9855f32d94f172c87194501ab5235c65503b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 15:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cS02ABWUm9JVWUkpc+wVnQ==
cross-origin-resource-policy
cross-origin
content-length
5772
x-fb-rlafr
0
x-fb-debug
Hbob7vOwGbLNQ17NnDg1hpk2PqmYNkXDl7ce1hJK2qPqPmlA1wCzIy/l1KkzRWYHduJZ2P8OKNOJJuMrMNEPaQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 29 May 2022 15:52:59 GMT
QAtzoDVsrCZ.js
www.facebook.com/rsrc.php/v3iEBX4/y3/l/en_US/ Frame 5A78 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEBX4/y3/l/en_US/QAtzoDVsrCZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
04bb1699b5fb03957a5a790ba42f967b739ce65d8e353f229c6889685f720dfd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 16:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
EgX3jJIhou2BbaXTPrQ2VA==
cross-origin-resource-policy
cross-origin
content-length
8256
x-fb-rlafr
0
x-fb-debug
vCiK34bDpWJ79k2tRPwXDEVYjzgo78O/2jn9+ZlaRu4vYHCqSC9ndVARaxV32NQTZh49Gccc+ujqQrB8giZcfg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 16:53:05 GMT
Ek10ELLuAdl.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 5A78 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/Ek10ELLuAdl.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e6a27c83c2b60d3173b7e82d9d84b1902033c6155fa7173a59561bf489857777
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
v+bJyc2OFfx/TIXUEl30hg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
906
x-fb-rlafr
0
x-fb-debug
RwtzLpt6HBjT//fTku88zrcq1m89JqcsBPgNiNE0/GDYn0jgu7tE3XpR7jKjhWZ2agqAju7wpuZBiAV+iJlELg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 16:53:05 GMT
5KTWL492ptw.js
www.facebook.com/rsrc.php/v3/yL/r/ Frame 5A78 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yL/r/5KTWL492ptw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
29491d93022eb312a91d5a5c914e606b0fea45683e35d85d8f3758b307814520
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 15:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
w3ft5y2t9ujFfqFlHCjGcw==
cross-origin-resource-policy
cross-origin
content-length
844
x-fb-rlafr
0
x-fb-debug
//X547G0OaTojI2OOVPMVNjhEsMPnDJ3zzbnuDllJZuPWXAHHtriK8PMaOhX6SSF/hEz1uz062ZFW98daUBPlQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 29 May 2022 15:52:59 GMT
truncated
/ Frame 5A78 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f25aebef7c5b576071a6f97559078c0a17f5d3130f2cdb8d74f04872ec8fb333

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
MM2tCOl-Ndb.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 5A78 		2 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/MM2tCOl-Ndb.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8d780cf17d57da2e7ff421667a6221a32831b83ffa904c0b480ba5f9c285974
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
IlI3TkunStfNPgYtYjV2iw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
656
x-fb-rlafr
0
x-fb-debug
gwm33R/uMjhbZ6T/yeTZ1QnbUEHeDaf4Rl+4pybGRvsh49XjTMABBGvfHt0tva6JyFcP59nhNcc0G38132MpPw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 25 May 2022 16:24:58 GMT
gpiqFbt2EUi.css
www.facebook.com/rsrc.php/v3/yn/l/0,cross/ Frame 5A78 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yn/l/0,cross/gpiqFbt2EUi.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a293f3eaf0553e6984a47a8b22e84083f2ae5d07afdce2906b3ae6a48811ddd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 21:45:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZUE0gqKbxKhDBNU4XaeepA==
cross-origin-resource-policy
cross-origin
content-length
4295
x-fb-rlafr
0
x-fb-debug
ly557eRV0oQkqdJ3cC2ywgiiGqUQr3Yp2pPVelXH95PUn0UAoFsqhmcDC2C8Tr6qQoRAQvORgPND+WbnXGom3Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 24 May 2022 21:45:16 GMT
SstzgicKir3.js
www.facebook.com/rsrc.php/v3/yb/r/ Frame 5A78 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yb/r/SstzgicKir3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e14d009d5c1e8953832df9e65fc55e5e91d7e7235f632b06cdd12113d334c3f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 19:32:02 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7Y/l3TA92TNp7zo+ZewQsA==
cross-origin-resource-policy
cross-origin
content-length
5685
x-fb-rlafr
0
x-fb-debug
PdtkcVf6DYeIsKX8P3a5fSoJrQI0C3y3AIeL2O49EH0EX1ckdkLDmjKDCTrPcaVSs8sitQFZbr7elqS5rqBOmA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 27 May 2022 19:32:02 GMT
t-GXSricKNb.js
www.facebook.com/rsrc.php/v3/yL/r/ Frame 5A78 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yL/r/t-GXSricKNb.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b084bccf56424e2c46798c98c4660855758741cbab22e992cc743d8f483e39b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=606284726054517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49bbc6724c994%26domain%3Djalantikus.com%26origin%3Dhttps%253A%252F%252Fjalantikus.com%252Ff2de21523fb24%26relation%3Dparent.parent&container_width=650&height=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjalantikus&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 21:21:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
1aCIs2YMdee1s9Ia/DWoVg==
cross-origin-resource-policy
cross-origin
content-length
27978
x-fb-rlafr
0
x-fb-debug
dWMVYaXjo4WfPgPKMN+HvsiaKEsRA8u4z7FNG2yBZZgTxdHO8pgijzS+gGczG2ZDp7ldw/AO3Kcr9OoRWbTtBQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 27 May 2022 21:21:04 GMT
15232285_1173618959340878_6310424415379257670_n.png
scontent-frt3-2.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame 5A78 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/15232285_1173618959340878_6310424415379257670_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=wGc3ajlwuZAAX9en47r&_nc_ht=scontent-frt3-2.xx&tp=30&oh=8ebd3e5d5c234bbefd60826f6662f016&oe=60D94ECA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d29f1dbc4fb51fce8983864f91c4d985575238e8f36b17a434c6ccce9fbf5c4a

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2471927707
date
Mon, 31 May 2021 10:06:51 GMT
last-modified
Fri, 02 Dec 2016 02:40:06 GMT
content-length
2707
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
653771775
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame 5A78 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQHChhpnNP7W4Q-P&w=540&h=282&url=https%3A%2F%2Fbuffer-media-uploads.s3.amazonaws.com%2F60b4ad5590170268e30a2784%2Fe80caa88242e18564dfc69b7092f4debbe854903_e64b6deca9f0df0b1c97f5d873cf5ed42ce8e385_facebook&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQGr3iW7j0WRMhrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a03ce730fe57959604712c807c5701ccc859d10dc020164e573be431b4b758a
Security Headers
Name Value
Content-Security-Policy default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
x-fb-config-version-elb-prod
1116
x-content-type-options
nosniff
etag
"9ba41a2592aa320b7033a8e5fcffe351"
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1116
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
35239
x-xss-protection
0
x-fb-debug
8yprUXfmzkGC4/H8eVxFdkqEOcN/J4m9NuGIn+zy83mu0DY4ay63IqbCQUpv2XxbPmGINY62WF5Cnc8qEp7p+A==
x-fb-trip-id
686109401
expires
Mon, 31 May 2021 10:06:52 GMT
last-modified
Mon, 31 May 2021 09:33:12 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-fb-config-version-slb-prod_regional
1116
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 31 May 2021 10:06:52 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
vary
Origin
cache-control
public, max-age=0
access-control-allow-credentials
true
x-fb-edge-debug
flfyjm0Yz1a4QVXdSvXtHXGPMJKXTR2rIoI3yxmSn39l1h8LjrCrdXEclfWRr24ODJQGqXZT4K8XWIDFzCls9Q
x-fb-rlafr
0
content-security-policy
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
timing-allow-origin
*
access-control-expose-headers
X-FB-Debug, X-Loader-Length
safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame 5A78 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQE_jx89TWNz8anZ&w=540&h=282&url=https%3A%2F%2Fbuffer-media-uploads.s3.amazonaws.com%2F60b474d8f5bd3a7e885b3502%2F60fd814c3bfb6d6c58972096edeecc81dc358d9e_142b399b188991bb9aa93065200a1723986c9038_facebook&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQEBdU_YzYuQLCFd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5df9d312caf6209b5e49a4842c05b32ee2d09cfbd2e33f1f578d2d7427275b30
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
x-fb-config-version-elb-prod
1116
x-content-type-options
nosniff
x-fb-rlafr
0
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1116
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
30834
x-xss-protection
0
x-fb-debug
DzbD3fQ0rUekUSb17ecC1zrUEnliyJrV8LH94F8K56n/AfErj1CxD/DA91FFTgCMlCzzO6r/5XqKIH9604rKNQ==
x-fb-trip-id
686109401
expires
Mon, 31 May 2021 09:01:36 GMT
last-modified
Mon, 31 May 2021 05:32:11 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-fb-config-version-slb-prod_regional
1116
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 31 May 2021 10:06:51 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
vary
Origin
cache-control
public, max-age=0
access-control-allow-credentials
true
x-fb-edge-debug
6QFfUNXTYGDVN7Thyz8hNQry_8Agfz-FuPMMH0kejg2HdtkPeJ_BHDiqd7L8JDr2bW5Ax32itovS-yp2TJlO2A
etag
"de6442f2ab6f1ed35f52e8a3e46fd574"
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
timing-allow-origin
*
access-control-expose-headers
X-FB-Debug, X-Loader-Length
safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame 5A78 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQHALgeFE0Qj2i0A&w=540&h=282&url=https%3A%2F%2Fbuffer-media-uploads.s3.amazonaws.com%2F60b474be7af8852ece02eb0f%2F7b14a10dd91d8516caa34a8e5913a1a329c43f65_cf5cee660a2a722bae9c2fead3a01de074960a54_facebook&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQHe3uu1hGpWT287
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
411b98e9c46d98be93b8ce34a96f01b0985ef7e812f96dfb9c5ef723bd324213
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
x-fb-config-version-elb-prod
1116
x-content-type-options
nosniff
x-fb-rlafr
0
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1116
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25219
x-xss-protection
0
x-fb-debug
pkeTfOlRAsW2UbPVc6oSdvR6bqFPQv3qWK8B7jsqrBpeMz0TOeMGPUfoDM6LneCC+i2dIsJS/KQNf6c0xSjYvQ==
x-fb-trip-id
686109401
expires
Mon, 31 May 2021 09:55:28 GMT
last-modified
Mon, 31 May 2021 05:31:45 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-fb-config-version-slb-prod_regional
1116
date
Mon, 31 May 2021 10:06:51 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
vary
Origin
cache-control
public, max-age=0
access-control-allow-credentials
true
x-fb-edge-debug
gLGu8_raGIy20pHfvIbe-IeCINhf4UNJTTHeI6zCbjOQQUnGbMUVGcma-DEURMspiWdWzowDmjiQWDmcPKmtXA
etag
"be4a5fb23e48421836a4c0d9a5dd8b69"
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
timing-allow-origin
*
access-control-expose-headers
X-FB-Debug, X-Loader-Length
safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame 5A78 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQFBnou8J1ql_g9V&w=540&h=282&url=https%3A%2F%2Fbuffer-media-uploads.s3.amazonaws.com%2F60b474a12ecfb442ac019c07%2F78fdfa2ef87b4e422f15bfb7d2ce962581bd21f8_b0a9aaed44dfa03dad7688feaa902cec01cb4e1c_facebook&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQFYbIvfpQBOgEIx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef37af64846a7f46caa9146a95ce820e76acea1ea8f1d1472f140174605b9920
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
x-fb-config-version-elb-prod
1116
x-content-type-options
nosniff
x-fb-rlafr
0
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1116
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
35776
x-xss-protection
0
x-fb-debug
Wtq1/+Yn9cVsITP9lc7FFUeKmMPQ8VEftLJsVorAS5hRrqWKp57XeVZcO2+0u3W1abt/cmX1KK28vvXx8jLEWw==
x-fb-trip-id
686109401
expires
Mon, 31 May 2021 09:55:28 GMT
last-modified
Mon, 31 May 2021 05:31:16 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-fb-config-version-slb-prod_regional
1116
date
Mon, 31 May 2021 10:06:51 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
vary
Origin
cache-control
public, max-age=0
access-control-allow-credentials
true
x-fb-edge-debug
xT9h8QgwZ3e0-G_Vb3VC5tveOQELaoAZF7FG0D_k_SyAbWAUBUU9ZANgvYCcWvyKPv9K24pu2juDZxmzY_f7aQ
etag
"a13c928f30ab9ea027260a060b08c94c"
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
timing-allow-origin
*
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cQH7wcbHb6b.png
www.facebook.com/rsrc.php/v3/y8/r/ Frame 5A78 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y8/r/cQH7wcbHb6b.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/Qqaz6RRrLjc.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/Qqaz6RRrLjc.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
ov/H9ijDwAlcqwdRXvhuXxWe3wAfo8xcItZ/zvhoD8YbRa2ewuHIDJvvIpnRlY1PW4obtAEWWLM92pOQoDoyAg==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
VrHQyF8wNkH5pOhUYwyBPQ==
date
Sat, 29 May 2021 03:29:06 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
3170
x-fb-rlafr
0
expires
Sun, 29 May 2022 03:29:06 GMT
qGoWo6gBwwP.png
www.facebook.com/rsrc.php/v3/yy/r/ Frame 5A78 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yy/r/qGoWo6gBwwP.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
oDIPjI+yG0c43HF59ujj5FVj0mkCDJiNf+/w6sNvBkWlMHWZrct2cz/PR6L4fg58PQkaBOgQ985+5INMaGbh1g==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
iN31dShDArRt9ZikrDb13w==
date
Mon, 24 May 2021 17:57:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
2616
x-fb-rlafr
0
expires
Tue, 24 May 2022 17:57:51 GMT
n-uOOobFC9i.png
www.facebook.com/rsrc.php/v3/y3/r/ Frame 5A78 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y3/r/n-uOOobFC9i.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/l/0,cross/5XdCPi2qnWo.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yo/l/0,cross/5XdCPi2qnWo.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
FQ7ftCCUy4YgMC7AQkGecNoDr/gAMrdQNTTi97GjF2cfIsFMsruqYVVoZ/mEJeeKWo70HHjSkNz/4kD9o4FyNQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
FxoGPHP5kucUksTSZgXu4w==
date
Fri, 21 May 2021 19:17:52 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
3249
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Sat, 21 May 2022 19:17:52 GMT
container.html
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D960 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 31 May 2021 10:06:50 GMT
expires
Tue, 31 May 2022 10:06:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame DEDE 		624 B
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COfuLhDXqUoYxJLfqAEwAQ&v=APEucNXEjkurnFEAe0kiNmUi-klkFrj-ucl6HdKZK99fY9qNhsuDdGHdNGezEUleQHWhLBatj1WUcMT9vUTgJ5w3WDBLvHvPm7wCjeP0iony12NeUtjaISm1PTrYXvpbfpK5k7F5GLQZG4J7BdYm7vgCALfwtB3eZrtoFDN7BXrMoumz1SJGyS4
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COfuLhDXqUoYxJLfqAEwAQ&v=APEucNXEjkurnFEAe0kiNmUi-klkFrj-ucl6HdKZK99fY9qNhsuDdGHdNGezEUleQHWhLBatj1WUcMT9vUTgJ5w3WDBLvHvPm7wCjeP0iony12NeUtjaISm1PTrYXvpbfpK5k7F5GLQZG4J7BdYm7vgCALfwtB3eZrtoFDN7BXrMoumz1SJGyS4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnyPE5xMT75Q-L-SCRnYI3LajDwWQe_7wBAoR0BPqOWy9EMVFuWl5b9nYQMu0U
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 31 May 2021 10:06:52 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame D960 		58 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgwJvj6EfRStocr_g9sGae2sh_pLFCY5v-lT440RgRZ24eGGeIam7OT8NBfyBQJ5_QoAG_wlARN2ACwPFYOPTbSJdDBwDEqB5nN8XVa0mn6pbbmbpBRNpHxQYuE_ltzOGie7Hr_vG97q1u1aU3AzABV7EqKQ&dbm_d=AKAmf-B3oJjVmcWntkmJxrbCfyxF-CCdbjeRLTyqhRpRr3-JBE-v9aj6wyIvujp_M2F3-WirR_5GwZecPKufJmt1cW5VpaB5TswJf7VxDE9VrA7xdoUgI7uwPAuIBniTxTFjCqXAXeVPYkGTgFN4LVj30YPaygpKHkoWu0xWom52ev9FU__Q7zo6UFaH9nx3LrlLH9TElqtOrur_FSCwcqkHTk5tpc-GyOPpTqmenBmN6Qe5Vt8P0c08GpQ7MIh9b9BciNQOLWn5_HM-pivPCdXCh210nveDFm-XpgB-KugEyOgkI0tC1SuxI1HZ25TKEOHR-dWLGugEsQR06DHegheKKRTty--4YE0tyW1YWutGnaiE2Qjs2wDApaM_wiliwAQz6ytQ3ihDqipahs2jb3yiTfGXcBoY_sCXB3f3XYpqN9RXmWbCj7lMbxOVTI4HhMI6uz83X7s3nOzZegL0e4DBkbbBCRLkgfgMVyxsouNVUT0vMyn-BA3VsfeE1QGMr45JENxhgxSd12LYfAFzLqhvmgb_D2JFXjGhOKHGayzIgTQ4QUJlvXWVV0e6H-zlvagQ_Xca7YZhQSjku3pdBmljE1P72KeGQiKRzt9yfswefCCznwN3kfM7L09q19uVtGeGzyE2CUmWiDxY5K4XoNCm4n5UZxWd_M4eQfn-QvybQ-u5FThcS4bf5zZ5WqroYTnq_tyOmUjvVpRsvFvh-HoJEEQ23PxE551_1vcO2Wwb6MWsN-B5EvQr30_XTdJzlTVxvnnM2zSJ2sfOiO4soZsjoS-fZXkugaXCld5cnyeROlZ1NxxQ0bOZEMOzQcqS0-59NT0GBxUtak5ibTxBQdtUA-JxvoQUMEf2CSC5LvldMNI_9hWJQu75FTtZwuSOfOyBxlXcgqZm61toL9c6gZSjsCsYXD_ffPvAmaoP2OmJNXNlIBWdxqHoyWvcYlgH55qQl4oS6Tvcg-f7um7hfWvk-K-Hd3ks82e_t073qa0e-J6V8k_v4YNsPKDGr7oMRcWS5uMPrOF1zbJwptDS-GJryaUeXR4LcY89T3mnonKqfCHEL8kkGpG3bWmbBTqsN6woXkM6svd4DlaPePI70AKNmtlwA-igDqY3zlYVZLviBPuAXUnn5BCCCFAU9AxtGujGQx-iFe7cdXzdJY53GtZ-aK-l1tRvdKZP8tHorh9Fp0HDEgzFfONeSxZXroJHG6xWxhf-e_kqc052wk1IUkycwIr-2xOSOOMWIhB8ZCrkmFDamDgngs4xbBax51oadm1rkr0kvvfdtfD6ptAx79B1A700gkzTGieghSEfDOgKN8W4PsVjqJrqbuM3p8JwhMjN31w60SDIT0ct85zMHEL4ceeH0MwjTvUKaogAsVw7xf5emmFxBpO-uxG3DS8puhEYgKzcCtjkUPNuZTxCUOjNqgmQof4Dyo0kOu7Gs1TskyS_pKTve8y0tnN0ZP3t7i0ajPUTYWi04iguKrpr-eu-bbu_O8AgjZL1lrrcRvyAr22pOi1KD4_HyRKZlDKewF65h6bfK6YNfaERINKt5buNqKTdXASewL_tlTjZ2CYSBHW7WfPQK-dAN2RH8z22Yc6j64N1Jdiwsd1RwvU42Nvnl16pAIXpnlc8TbQ4MoitbMOIeYgi8x10VkktDrHC7_fWR5p85oGmZsou_GIzNayPLQjf_AFpwlEjRPxZKc1zc0GFDOZyuEyxk_0etjD1FO-tj7aitleF9W_v4eCRjpfysnFJE2ungz9XE-aW1R_7WMW9GkWJNwseZDaMiKtDfZwGjmcKpD-WTxBz__HkDgwJ0tqGTV8UwaY-3SaXKooUfSeMztCjt-dB1VDaiYuIFlkV7EpbfiVq8Z5TmJ8DWbd_Za9dhnDyf4S9R1wlGLNySb2Uq7WIujDWOCruDP2rzyN6hz7MqRglxYUWzu9PdWYaS3j6P_8ySbLoc_9vrHL-knYvnUsXj8Wa2DTWLNJxyEM_5rFplOgTMFwZV9NPgkFYpNcyhNPiLiNU9lTL9ySvEMkKXZJqrmXE2Ajm0eP0NbtTF_jH4eMrS6vPzPDK8YKfmsP0GtYoxepTdglGqAF1TnVSad0WMSbUQ7v7qBsblZ5NATpf0P8yO2G6tpfDawj7410TfulPrL9__bIjoYmTOzi_TBhqtjKAsneUuC5dnNBbbcFwdRf6xizPv7_E8l0dwFmt2QQtGkWML4_VqC3NpBG-H3SPg0fm7namR3n_jJfGdBvxw85Mi7RQ4lwYdSnu0XSKE2jKdnv9EUsAZMwfF8QEdeBOLCmVZuyu33_HEy8X2aD4HtHK0-Lo2ESS3mP9DR96GdbomjeKJEZkZkgJLNjJ5WABs4kGbqn5ouQvDr6hhLK24cLCiGu6cUVD51yOGQUlNJOhCw11qlxYDmKnc8R-_Tb9LjHleJiNvVcv-mJN5PTvYKpjNU2Au0PCM_uol_hhmcGVAWxqzMvUGvjA9WuCdyeC_V1AFHPnGBIHeI00G-12jYrlEULW7AVodSE75Oce2U_rLrC10STNynnt2s3vWXdCAK_5WeRJowmQLtmeNDeJ14MpfTCXXFvLcAq5EUYFP8GPX2_R4wQ_NmRaeY7LF59QApHWVX08gsRr9N1p1-xZSFmjoE18QKOPCH7ylckhonEwX0lqBW5lgnDkagBzNNjh5nHzVOca-j9dvcWqOM0GaRCmq4JMhlVeAxpFzMHcdCVsw10oeNnjxDVA5SCSx1ah3CpQuILtPPW7M5CleyRrWM2h4_wfJmq7bVhC3U1lUtJC0YUP9KIX93S_DGBE2Lj93kh9_oBtwviSi1Hpb8HINz0jgIW4oCky8r1HU4cKRE6Dr39RfdtCnl2ybHdU0slb9-UnXYiJyFfTE_vJzuQ11NaRXpceOvXPU0Q8gmFK6qkJHKMipuc66gLXQBdaTjkdNvtNTXDUHQFkb-uAHcpwVBI06WpSyUYR2qWf-M0hphORKWFo7U_wxH61zdkSH1SXhIk&cid=CAASEuRo97-lHt5blLBDgCoqQLFxLw&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0021c555840f18e2c0392c1621e766e7bca80600dbac87ba37337e73ffe72d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23913
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D960 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSXg_V5PadMsGku51EmR5X1x4PGn3gDPkdUGLuhmVroBDI938O0LkTuB2i_dWNYx-WYdWmIT-QVwGwy38Mkm_RDyqJilN1DQonT8HMaJFudx_fRX4
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame D960 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:05:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D960 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 10:06:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame D960 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 09:58:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 09:58:14 GMT
rum
dsum-sec.casalemedia.com/ Frame DEDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB3KDLCperJou_t2HqoaJro&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB3KDLCperJou_t2HqoaJro&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB3KDLCperJou_t2HqoaJro&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COfuLhDXqUoYxJLfqAEwAQ&v=APEucNXEjkurnFEAe0kiNmUi-klkFrj-ucl6HdKZK99fY9qNhsuDdGHdNGezEUleQHWhLBatj1WUcMT9vUTgJ5w3WDBLvHvPm7wCjeP0iony12NeUtjaISm1PTrYXvpbfpK5k7F5GLQZG4J7BdYm7vgCALfwtB3eZrtoFDN7BXrMoumz1SJGyS4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 May 2021 10:06:52 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB3KDLCperJou_t2HqoaJro&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Mon, 31 May 2021 10:06:52 GMT
rum
dsum-sec.casalemedia.com/ Frame DEDE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLS1PCs5ylEVKDnJaeWOzAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED05gIJlJqWHGjFt5R0WLvI&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED05gIJlJqWHGjFt5R0WLvI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COfuLhDXqUoYxJLfqAEwAQ&v=APEucNXEjkurnFEAe0kiNmUi-klkFrj-ucl6HdKZK99fY9qNhsuDdGHdNGezEUleQHWhLBatj1WUcMT9vUTgJ5w3WDBLvHvPm7wCjeP0iony12NeUtjaISm1PTrYXvpbfpK5k7F5GLQZG4J7BdYm7vgCALfwtB3eZrtoFDN7BXrMoumz1SJGyS4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 May 2021 10:06:52 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED05gIJlJqWHGjFt5R0WLvI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DEDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGR6kA_rjVYlTtaSGl0iZdM&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGR6kA_rjVYlTtaSGl0iZdM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COfuLhDXqUoYxJLfqAEwAQ&v=APEucNXEjkurnFEAe0kiNmUi-klkFrj-ucl6HdKZK99fY9qNhsuDdGHdNGezEUleQHWhLBatj1WUcMT9vUTgJ5w3WDBLvHvPm7wCjeP0iony12NeUtjaISm1PTrYXvpbfpK5k7F5GLQZG4J7BdYm7vgCALfwtB3eZrtoFDN7BXrMoumz1SJGyS4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:52 GMT
X-Proxy-Origin
37.120.211.116; 37.120.211.116; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.187:80
AN-X-Request-Uuid
9f261b70-f20a-4189-96ae-91681afe95bb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGR6kA_rjVYlTtaSGl0iZdM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DEDE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODY5OTk4ODA3OTU4ODAwMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODY5OTk4ODA3OTU4ODAwMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COfuLhDXqUoYxJLfqAEwAQ&v=APEucNXEjkurnFEAe0kiNmUi-klkFrj-ucl6HdKZK99fY9qNhsuDdGHdNGezEUleQHWhLBatj1WUcMT9vUTgJ5w3WDBLvHvPm7wCjeP0iony12NeUtjaISm1PTrYXvpbfpK5k7F5GLQZG4J7BdYm7vgCALfwtB3eZrtoFDN7BXrMoumz1SJGyS4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:52 GMT
X-Proxy-Origin
37.120.211.116; 37.120.211.116; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid
d613d81b-8a16-4a9c-af39-5891b33f1fe8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODY5OTk4ODA3OTU4ODAwMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame D960 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65521
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 May 2021 15:54:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame D960 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgwJvj6EfRStocr_g9sGae2sh_pLFCY5v-lT440RgRZ24eGGeIam7OT8NBfyBQJ5_QoAG_wlARN2ACwPFYOPTbSJdDBwDEqB5nN8XVa0mn6pbbmbpBRNpHxQYuE_ltzOGie7Hr_vG97q1u1aU3AzABV7EqKQ&dbm_d=AKAmf-B3oJjVmcWntkmJxrbCfyxF-CCdbjeRLTyqhRpRr3-JBE-v9aj6wyIvujp_M2F3-WirR_5GwZecPKufJmt1cW5VpaB5TswJf7VxDE9VrA7xdoUgI7uwPAuIBniTxTFjCqXAXeVPYkGTgFN4LVj30YPaygpKHkoWu0xWom52ev9FU__Q7zo6UFaH9nx3LrlLH9TElqtOrur_FSCwcqkHTk5tpc-GyOPpTqmenBmN6Qe5Vt8P0c08GpQ7MIh9b9BciNQOLWn5_HM-pivPCdXCh210nveDFm-XpgB-KugEyOgkI0tC1SuxI1HZ25TKEOHR-dWLGugEsQR06DHegheKKRTty--4YE0tyW1YWutGnaiE2Qjs2wDApaM_wiliwAQz6ytQ3ihDqipahs2jb3yiTfGXcBoY_sCXB3f3XYpqN9RXmWbCj7lMbxOVTI4HhMI6uz83X7s3nOzZegL0e4DBkbbBCRLkgfgMVyxsouNVUT0vMyn-BA3VsfeE1QGMr45JENxhgxSd12LYfAFzLqhvmgb_D2JFXjGhOKHGayzIgTQ4QUJlvXWVV0e6H-zlvagQ_Xca7YZhQSjku3pdBmljE1P72KeGQiKRzt9yfswefCCznwN3kfM7L09q19uVtGeGzyE2CUmWiDxY5K4XoNCm4n5UZxWd_M4eQfn-QvybQ-u5FThcS4bf5zZ5WqroYTnq_tyOmUjvVpRsvFvh-HoJEEQ23PxE551_1vcO2Wwb6MWsN-B5EvQr30_XTdJzlTVxvnnM2zSJ2sfOiO4soZsjoS-fZXkugaXCld5cnyeROlZ1NxxQ0bOZEMOzQcqS0-59NT0GBxUtak5ibTxBQdtUA-JxvoQUMEf2CSC5LvldMNI_9hWJQu75FTtZwuSOfOyBxlXcgqZm61toL9c6gZSjsCsYXD_ffPvAmaoP2OmJNXNlIBWdxqHoyWvcYlgH55qQl4oS6Tvcg-f7um7hfWvk-K-Hd3ks82e_t073qa0e-J6V8k_v4YNsPKDGr7oMRcWS5uMPrOF1zbJwptDS-GJryaUeXR4LcY89T3mnonKqfCHEL8kkGpG3bWmbBTqsN6woXkM6svd4DlaPePI70AKNmtlwA-igDqY3zlYVZLviBPuAXUnn5BCCCFAU9AxtGujGQx-iFe7cdXzdJY53GtZ-aK-l1tRvdKZP8tHorh9Fp0HDEgzFfONeSxZXroJHG6xWxhf-e_kqc052wk1IUkycwIr-2xOSOOMWIhB8ZCrkmFDamDgngs4xbBax51oadm1rkr0kvvfdtfD6ptAx79B1A700gkzTGieghSEfDOgKN8W4PsVjqJrqbuM3p8JwhMjN31w60SDIT0ct85zMHEL4ceeH0MwjTvUKaogAsVw7xf5emmFxBpO-uxG3DS8puhEYgKzcCtjkUPNuZTxCUOjNqgmQof4Dyo0kOu7Gs1TskyS_pKTve8y0tnN0ZP3t7i0ajPUTYWi04iguKrpr-eu-bbu_O8AgjZL1lrrcRvyAr22pOi1KD4_HyRKZlDKewF65h6bfK6YNfaERINKt5buNqKTdXASewL_tlTjZ2CYSBHW7WfPQK-dAN2RH8z22Yc6j64N1Jdiwsd1RwvU42Nvnl16pAIXpnlc8TbQ4MoitbMOIeYgi8x10VkktDrHC7_fWR5p85oGmZsou_GIzNayPLQjf_AFpwlEjRPxZKc1zc0GFDOZyuEyxk_0etjD1FO-tj7aitleF9W_v4eCRjpfysnFJE2ungz9XE-aW1R_7WMW9GkWJNwseZDaMiKtDfZwGjmcKpD-WTxBz__HkDgwJ0tqGTV8UwaY-3SaXKooUfSeMztCjt-dB1VDaiYuIFlkV7EpbfiVq8Z5TmJ8DWbd_Za9dhnDyf4S9R1wlGLNySb2Uq7WIujDWOCruDP2rzyN6hz7MqRglxYUWzu9PdWYaS3j6P_8ySbLoc_9vrHL-knYvnUsXj8Wa2DTWLNJxyEM_5rFplOgTMFwZV9NPgkFYpNcyhNPiLiNU9lTL9ySvEMkKXZJqrmXE2Ajm0eP0NbtTF_jH4eMrS6vPzPDK8YKfmsP0GtYoxepTdglGqAF1TnVSad0WMSbUQ7v7qBsblZ5NATpf0P8yO2G6tpfDawj7410TfulPrL9__bIjoYmTOzi_TBhqtjKAsneUuC5dnNBbbcFwdRf6xizPv7_E8l0dwFmt2QQtGkWML4_VqC3NpBG-H3SPg0fm7namR3n_jJfGdBvxw85Mi7RQ4lwYdSnu0XSKE2jKdnv9EUsAZMwfF8QEdeBOLCmVZuyu33_HEy8X2aD4HtHK0-Lo2ESS3mP9DR96GdbomjeKJEZkZkgJLNjJ5WABs4kGbqn5ouQvDr6hhLK24cLCiGu6cUVD51yOGQUlNJOhCw11qlxYDmKnc8R-_Tb9LjHleJiNvVcv-mJN5PTvYKpjNU2Au0PCM_uol_hhmcGVAWxqzMvUGvjA9WuCdyeC_V1AFHPnGBIHeI00G-12jYrlEULW7AVodSE75Oce2U_rLrC10STNynnt2s3vWXdCAK_5WeRJowmQLtmeNDeJ14MpfTCXXFvLcAq5EUYFP8GPX2_R4wQ_NmRaeY7LF59QApHWVX08gsRr9N1p1-xZSFmjoE18QKOPCH7ylckhonEwX0lqBW5lgnDkagBzNNjh5nHzVOca-j9dvcWqOM0GaRCmq4JMhlVeAxpFzMHcdCVsw10oeNnjxDVA5SCSx1ah3CpQuILtPPW7M5CleyRrWM2h4_wfJmq7bVhC3U1lUtJC0YUP9KIX93S_DGBE2Lj93kh9_oBtwviSi1Hpb8HINz0jgIW4oCky8r1HU4cKRE6Dr39RfdtCnl2ybHdU0slb9-UnXYiJyFfTE_vJzuQ11NaRXpceOvXPU0Q8gmFK6qkJHKMipuc66gLXQBdaTjkdNvtNTXDUHQFkb-uAHcpwVBI06WpSyUYR2qWf-M0hphORKWFo7U_wxH61zdkSH1SXhIk&cid=CAASEuRo97-lHt5blLBDgCoqQLFxLw&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:04:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame D960 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgwJvj6EfRStocr_g9sGae2sh_pLFCY5v-lT440RgRZ24eGGeIam7OT8NBfyBQJ5_QoAG_wlARN2ACwPFYOPTbSJdDBwDEqB5nN8XVa0mn6pbbmbpBRNpHxQYuE_ltzOGie7Hr_vG97q1u1aU3AzABV7EqKQ&dbm_d=AKAmf-B3oJjVmcWntkmJxrbCfyxF-CCdbjeRLTyqhRpRr3-JBE-v9aj6wyIvujp_M2F3-WirR_5GwZecPKufJmt1cW5VpaB5TswJf7VxDE9VrA7xdoUgI7uwPAuIBniTxTFjCqXAXeVPYkGTgFN4LVj30YPaygpKHkoWu0xWom52ev9FU__Q7zo6UFaH9nx3LrlLH9TElqtOrur_FSCwcqkHTk5tpc-GyOPpTqmenBmN6Qe5Vt8P0c08GpQ7MIh9b9BciNQOLWn5_HM-pivPCdXCh210nveDFm-XpgB-KugEyOgkI0tC1SuxI1HZ25TKEOHR-dWLGugEsQR06DHegheKKRTty--4YE0tyW1YWutGnaiE2Qjs2wDApaM_wiliwAQz6ytQ3ihDqipahs2jb3yiTfGXcBoY_sCXB3f3XYpqN9RXmWbCj7lMbxOVTI4HhMI6uz83X7s3nOzZegL0e4DBkbbBCRLkgfgMVyxsouNVUT0vMyn-BA3VsfeE1QGMr45JENxhgxSd12LYfAFzLqhvmgb_D2JFXjGhOKHGayzIgTQ4QUJlvXWVV0e6H-zlvagQ_Xca7YZhQSjku3pdBmljE1P72KeGQiKRzt9yfswefCCznwN3kfM7L09q19uVtGeGzyE2CUmWiDxY5K4XoNCm4n5UZxWd_M4eQfn-QvybQ-u5FThcS4bf5zZ5WqroYTnq_tyOmUjvVpRsvFvh-HoJEEQ23PxE551_1vcO2Wwb6MWsN-B5EvQr30_XTdJzlTVxvnnM2zSJ2sfOiO4soZsjoS-fZXkugaXCld5cnyeROlZ1NxxQ0bOZEMOzQcqS0-59NT0GBxUtak5ibTxBQdtUA-JxvoQUMEf2CSC5LvldMNI_9hWJQu75FTtZwuSOfOyBxlXcgqZm61toL9c6gZSjsCsYXD_ffPvAmaoP2OmJNXNlIBWdxqHoyWvcYlgH55qQl4oS6Tvcg-f7um7hfWvk-K-Hd3ks82e_t073qa0e-J6V8k_v4YNsPKDGr7oMRcWS5uMPrOF1zbJwptDS-GJryaUeXR4LcY89T3mnonKqfCHEL8kkGpG3bWmbBTqsN6woXkM6svd4DlaPePI70AKNmtlwA-igDqY3zlYVZLviBPuAXUnn5BCCCFAU9AxtGujGQx-iFe7cdXzdJY53GtZ-aK-l1tRvdKZP8tHorh9Fp0HDEgzFfONeSxZXroJHG6xWxhf-e_kqc052wk1IUkycwIr-2xOSOOMWIhB8ZCrkmFDamDgngs4xbBax51oadm1rkr0kvvfdtfD6ptAx79B1A700gkzTGieghSEfDOgKN8W4PsVjqJrqbuM3p8JwhMjN31w60SDIT0ct85zMHEL4ceeH0MwjTvUKaogAsVw7xf5emmFxBpO-uxG3DS8puhEYgKzcCtjkUPNuZTxCUOjNqgmQof4Dyo0kOu7Gs1TskyS_pKTve8y0tnN0ZP3t7i0ajPUTYWi04iguKrpr-eu-bbu_O8AgjZL1lrrcRvyAr22pOi1KD4_HyRKZlDKewF65h6bfK6YNfaERINKt5buNqKTdXASewL_tlTjZ2CYSBHW7WfPQK-dAN2RH8z22Yc6j64N1Jdiwsd1RwvU42Nvnl16pAIXpnlc8TbQ4MoitbMOIeYgi8x10VkktDrHC7_fWR5p85oGmZsou_GIzNayPLQjf_AFpwlEjRPxZKc1zc0GFDOZyuEyxk_0etjD1FO-tj7aitleF9W_v4eCRjpfysnFJE2ungz9XE-aW1R_7WMW9GkWJNwseZDaMiKtDfZwGjmcKpD-WTxBz__HkDgwJ0tqGTV8UwaY-3SaXKooUfSeMztCjt-dB1VDaiYuIFlkV7EpbfiVq8Z5TmJ8DWbd_Za9dhnDyf4S9R1wlGLNySb2Uq7WIujDWOCruDP2rzyN6hz7MqRglxYUWzu9PdWYaS3j6P_8ySbLoc_9vrHL-knYvnUsXj8Wa2DTWLNJxyEM_5rFplOgTMFwZV9NPgkFYpNcyhNPiLiNU9lTL9ySvEMkKXZJqrmXE2Ajm0eP0NbtTF_jH4eMrS6vPzPDK8YKfmsP0GtYoxepTdglGqAF1TnVSad0WMSbUQ7v7qBsblZ5NATpf0P8yO2G6tpfDawj7410TfulPrL9__bIjoYmTOzi_TBhqtjKAsneUuC5dnNBbbcFwdRf6xizPv7_E8l0dwFmt2QQtGkWML4_VqC3NpBG-H3SPg0fm7namR3n_jJfGdBvxw85Mi7RQ4lwYdSnu0XSKE2jKdnv9EUsAZMwfF8QEdeBOLCmVZuyu33_HEy8X2aD4HtHK0-Lo2ESS3mP9DR96GdbomjeKJEZkZkgJLNjJ5WABs4kGbqn5ouQvDr6hhLK24cLCiGu6cUVD51yOGQUlNJOhCw11qlxYDmKnc8R-_Tb9LjHleJiNvVcv-mJN5PTvYKpjNU2Au0PCM_uol_hhmcGVAWxqzMvUGvjA9WuCdyeC_V1AFHPnGBIHeI00G-12jYrlEULW7AVodSE75Oce2U_rLrC10STNynnt2s3vWXdCAK_5WeRJowmQLtmeNDeJ14MpfTCXXFvLcAq5EUYFP8GPX2_R4wQ_NmRaeY7LF59QApHWVX08gsRr9N1p1-xZSFmjoE18QKOPCH7ylckhonEwX0lqBW5lgnDkagBzNNjh5nHzVOca-j9dvcWqOM0GaRCmq4JMhlVeAxpFzMHcdCVsw10oeNnjxDVA5SCSx1ah3CpQuILtPPW7M5CleyRrWM2h4_wfJmq7bVhC3U1lUtJC0YUP9KIX93S_DGBE2Lj93kh9_oBtwviSi1Hpb8HINz0jgIW4oCky8r1HU4cKRE6Dr39RfdtCnl2ybHdU0slb9-UnXYiJyFfTE_vJzuQ11NaRXpceOvXPU0Q8gmFK6qkJHKMipuc66gLXQBdaTjkdNvtNTXDUHQFkb-uAHcpwVBI06WpSyUYR2qWf-M0hphORKWFo7U_wxH61zdkSH1SXhIk&cid=CAASEuRo97-lHt5blLBDgCoqQLFxLw&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8609
x-xss-protection
0
server
cafe
etag
7365582700020686358
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:03:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D960 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65174
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 16:00:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 42E0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 31 May 2021 06:38:34 GMT
expires
Tue, 01 Jun 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
12498
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D960 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
965633fe42721492cfbaf60f35d15e2e8ebb9f65f388c00851c0926b0a2c8a13

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9DE5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 30 May 2021 16:00:38 GMT
expires
Mon, 30 May 2022 16:00:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65174
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
300x250.html
s0.2mdn.net/sadbundle/1130346860090257094/ Frame 099D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d071d906213564d0776cc1ebc68de3d29a469af2bc91a24e4ec66899e927c10d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/1130346860090257094/300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2104
date
Sun, 30 May 2021 22:01:04 GMT
expires
Mon, 30 May 2022 22:01:04 GMT
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
43548
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame D960 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuOHpDkqH4FPFSbaqYYjQqIqUCCprSKhT_4jBUm4vaKzDZ1n_D9qbejmxHteELdAN9SwGQoNaNtFB42BdaYW23xp6THpl1iwnsvkQsLSynmfRyAO__SHaQWNQTv7Aj4cCZiJMt-FCZ1De3YL6XqqTw4Q1pGaRxm58ty5wBUPba85SnB1CGD7lJH3pM_2A2UAs3i_LIKb1lHtYHTwUYUb6IzJviRSGD7wbDc1CnjfjxctuEdoVoOIAaF10-owTp3dpDZxG0rXUlNPJLnUe00plRLrPdzuNThYMYpqMPQxcvLI6CF1UQ516viDWCacBjQgeFsdNqmCbUXfDqwkCVMl3eELn__EZjjJcMKDUQXfy0uG7LwvA2_rOEeAsQKog92HMtUjt5Djwrt09gwSLuyNFyVcp0wZj4QK0PEiGhHu0eELfP4lUoVk5VpJsTwY9MiNS4ZnhUE1LJT4BuRgI56dVc77KiQh-rVJyIJOQHsZrDQn9Qe7XO0IMU9lHUsJkz69ngZSptJBv9HD4Sxbp1Ax2ohFleWqy4FuvOSLwDsEonuesst7r7vf8On3R48SqoeV-TOw21LOHShGEEkDh99f3NPGKcUuTfKqAjD3Kl2QuwIsTrQBUYOB7vFjadi9GXS3u4gyWIUnxXObo_Vp1x42XpiFPYda0ka4erE-acyK61a-PQ5N1HTYdYEt-k8-BaZlzARIVC-Zah-nlLoccm2zlRf4Oz6euCgSCuqWjAenvYk8qHzwqdohwP1AkKeHgZ6WS8hn8TxUts4s4L0W4OphfjdPhyavyHu7WcYG5yNTNHOMZkkI5n_llfqpKVViLrW6Sa1fOnoAtRylZJjggRdoMa14cd6TTxCsnLKknnRGYggMAoz7bTuzvxIbWa6Gg8VOaK6l2vsN5P1eL6vHiVbIxMGn9u5A6VHM7cEPHGDibiW--3018GATqC05d_GqSR6v022TJQFQOPKsH4M3MFM0WMLoYJXpZ3MEw-6lCQtRdoYcgx4oc2t4epV7ff80ylrMkkBu7jDUBj0rt1VKhowbPSFURw6RifVn9Aso_130jB_V5Dz15rO0EvE3mUOm6oHHYrIHitN8mXtoZUUGNv9DqcLDMpdbvo7D0Q8U3rOC93051QA44IvWr94LO1KxRh-kOVi0Ns_Fl4-Blr_jEWOvc3RNDQW2IXzils5e4Wocuavxu7Fo2o-ubpL9PldWWXWIsQrNz1nQTl8aSX-KGMt&sai=AMfl-YRQ0VTSKFB0Dcg7m-BRFFOibO0KZ1QMwwucDZjgGWGOWoxUBD5MYT5IgyuADLb-UJ014EuHZ66pCnAEW6WH0sJ7v1TGCSEbQW4iKQEiV02t7I7UNgGiHNjJ6X6kQcquOXCuNcJBbULrs0So_5qI5AiNGRRTfZOOAjIA0jPqwgWhp0Rbbi4n&sig=Cg0ArKJSzBWwHL5h07ONEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=126&cbvp=1&cstd=122&cisv=r20210524.94117&adurl=
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 31 May 2021 10:06:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 42E0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAsGhM1fe-7XazsCqe-rIpM&google_cver=1&google_push=AQvitUKKPuHEQG1Ao635ABpNJnBjrPjGMEg1L64xcIHIaAzVFEotCoQhgvTwk6cbDOPnHh91xIymYaEsln0ykZBQNhwJGhZFpDA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUyNTk0OTI1Mzg5NzkxMTI4MA==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAsGhM1fe-7XazsCqe-rIpM&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAsGhM1fe-7XazsCqe-rIpM&google_cver=1
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAsGhM1fe-7XazsCqe-rIpM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
um.wbtrk.net/doubleclick/user/ Frame 42E0 		0
0
pixel
cm.g.doubleclick.net/ Frame 42E0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMc4wg4OTdkgJ4AmoUOafuA&google_cver=1&google_push=AQvitUIy5I53rKYE86v6WzNHJ6-Ixu7LIjU5g1BSVdflTzpsLeJxq599gI2phJjRZSz_rjb5LmdWlpTt...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMc4wg4OTdkgJ4AmoUOafuA&google_cver=1&google_push=AQvitUIy5I53rKYE86v6WzNHJ6-Ixu7LIjU5g1BSVdflTzpsLeJxq599gI2phJjRZSz_rjb5Lmd...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyOTU2NTc0OTgxNjk2MDQ4Mg&google_push=AQvitUIy5I53rKYE86v6WzNHJ6-Ixu7LIjU5g1BSVdflTzpsLeJxq599gI2phJjRZSz_rjb5LmdWlp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyOTU2NTc0OTgxNjk2MDQ4Mg&google_push=AQvitUIy5I53rKYE86v6WzNHJ6-Ixu7LIjU5g1BSVdflTzpsLeJxq599gI2phJjRZSz_rjb5LmdWlpTtjl9-MvcQ_gf-vDZ0Rg
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyOTU2NTc0OTgxNjk2MDQ4Mg&google_push=AQvitUIy5I53rKYE86v6WzNHJ6-Ixu7LIjU5g1BSVdflTzpsLeJxq599gI2phJjRZSz_rjb5LmdWlpTtjl9-MvcQ_gf-vDZ0Rg
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 42E0
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKEe1g6XqVXEyjmeEWbrmHs&google_cver=1&google_push=AQvitULS6N2ESmdEijciDKzGhQBXBjTY_1MqlkS3EZFnQeFPOq05DmEw2kqzeIpLiTI11A_eKVmbnJMEIl7k5DAvZVrRE7SUaLc
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKEe1g6XqVXEyjmeEWbrmHs&google_cver=1&google_push=AQvitULS6N2ESmdEijciDKzGhQBXBjTY_1MqlkS3EZFnQeFPOq05DmEw2kqzeIpLiTI11A_eKVmbnJMEIl7k5DAvZVrRE7SUaLc&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULS6N2ESmdEijciDKzGhQBXBjTY_1MqlkS3EZFnQeFPOq05DmEw2kqzeIpLiTI11A_eKVmbnJMEIl7k5DAvZVrRE7SUaLc&google_hm=_H89-hGEzQYcKSkSkfFQnQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULS6N2ESmdEijciDKzGhQBXBjTY_1MqlkS3EZFnQeFPOq05DmEw2kqzeIpLiTI11A_eKVmbnJMEIl7k5DAvZVrRE7SUaLc&google_hm=_H89-hGEzQYcKSkSkfFQnQ==
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULS6N2ESmdEijciDKzGhQBXBjTY_1MqlkS3EZFnQeFPOq05DmEw2kqzeIpLiTI11A_eKVmbnJMEIl7k5DAvZVrRE7SUaLc&google_hm=_H89-hGEzQYcKSkSkfFQnQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
aupcv1f6s4ivdvp5jp1p9a89a976lt7i
pixel
cm.g.doubleclick.net/ Frame 42E0
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0iCFTQDxRPKsZdeoOIH0nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0iCFTQDxRPKsZdeoOIH0nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI8NE5EKZB_6h7BXguUBScFsmsPQoH4qCtxn7Vq4nAZSa22lXUmsZtMLzgyBfPF-6mzDH9JvkedeQhIWpw5QuTl5aPM5g
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0iCFTQDxRPKsZdeoOIH0nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI8NE5EKZB_6h7BXguUBScFsmsPQoH4qCtxn7Vq4nAZSa22lXUmsZtMLzgyBfPF-6mzDH9JvkedeQhIWpw5QuTl5aPM5g
date
Mon, 31 May 2021 10:06:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 42E0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMcHqMJcbxarpCtYf9OBmEs&google_cver=1&google_push=AQvitUJJN_3EclApdrrcys9au2FhqOCJIsWR6tsSC1ypoLzoXUlveJdr4g_MqjSV9eicIdmEyO5...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BDRzZJVzUtMVItRlI1Sw==&google_push=AQvitUJJN_3EclApdrrcys9au2FhqOCJIsWR6tsSC1ypoLzoXUlveJdr4g_MqjSV9eicIdmEyO5jJYo48A4TXtTxZ2HDwQOq9JA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BDRzZJVzUtMVItRlI1Sw==&google_push=AQvitUJJN_3EclApdrrcys9au2FhqOCJIsWR6tsSC1ypoLzoXUlveJdr4g_MqjSV9eicIdmEyO5jJYo48A4TXtTxZ2HDwQOq9JA
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BDRzZJVzUtMVItRlI1Sw==&google_push=AQvitUJJN_3EclApdrrcys9au2FhqOCJIsWR6tsSC1ypoLzoXUlveJdr4g_MqjSV9eicIdmEyO5jJYo48A4TXtTxZ2HDwQOq9JA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 42E0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED9e6nCMTxvKV9rToE4jj4E&google_cver=1&google_push=AQvitUJCB8gnQ7jAqmpWYZRsFFxUKvGz0WNUvbdLV13jsBMpILNyPVUdJnOkBRksOp6AZeBCi6...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED9e6nCMTxvKV9rToE4jj4E&google_cver=1&google_push=AQvitUJCB8gnQ7jAqmpWYZRsFFxUKvGz0WNUvbdLV13jsBMpILNyPVUdJnOkBRksOp6AZeBCi6...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mbFhOX1dORTJ1SFpQTnhRdGtxc2w4eG9mcVNGbzVQRX5B&google_push=AQvitUJCB8gnQ7jAqmpWYZRsFFxUKvGz0WNUvbdLV13jsBMpILNyPVUdJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mbFhOX1dORTJ1SFpQTnhRdGtxc2w4eG9mcVNGbzVQRX5B&google_push=AQvitUJCB8gnQ7jAqmpWYZRsFFxUKvGz0WNUvbdLV13jsBMpILNyPVUdJnOkBRksOp6AZeBCi6FLhzfSDLuM3V8KURrTBn8tiYE
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 31 May 2021 10:06:52 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mbFhOX1dORTJ1SFpQTnhRdGtxc2w4eG9mcVNGbzVQRX5B&google_push=AQvitUJCB8gnQ7jAqmpWYZRsFFxUKvGz0WNUvbdLV13jsBMpILNyPVUdJnOkBRksOp6AZeBCi6FLhzfSDLuM3V8KURrTBn8tiYE
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 42E0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjbWLb_FNsMpUdUs4-ZWyrBvvlPulNliJYDKvOrGLubROn2o4KlpFQbtwmUBevbV1STvUzHg
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:52 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame 9DE5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 06:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
100458
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Mon, 30 May 2022 06:12:34 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 099D 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:52 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
63926
expires
Mon, 31 May 2021 10:21:52 GMT
300x250.js
s0.2mdn.net/sadbundle/1130346860090257094/ Frame 099D 		14 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ad37d331a1b6b1a799cc01474c049a7f46284a51eba350a921385b2c05ad18e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43548
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2316
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
server
sffe
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 22:01:04 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012104130153000/ Frame D3FB 		192 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842c872b3898f5b0e7d31292eebc5442195611e262f59bae3e7d5b63c507e00d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164971
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55414
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"806d9da51f0ab461"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame D3FB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164973
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4561
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f7d3159bb96ed225"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame D3FB 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164973
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"025b1bcedb95d6d9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame D3FB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164973
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"26e8fee94434f5d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame D3FB 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164972
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73bdf441b447cfc6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:20 GMT
css
fonts.googleapis.com/ Frame D3FB 		3 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 May 2021 09:26:52 GMT
server
ESF
date
Mon, 31 May 2021 10:06:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 May 2021 10:06:52 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9623739889015113235/ Frame D3FB 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9623739889015113235/downsize_200k_v1?w=100&h=100
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dde8a79580e69b192da122b49b5633ee16d63051eee06eaf6c808b4653bdf4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 04:12:51 GMT
x-content-type-options
nosniff
age
21241
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4589
x-xss-protection
0
last-modified
Fri, 21 Aug 2020 14:08:37 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 May 2022 04:12:51 GMT
truncated
/ Frame D3FB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
137f53955a4a3415c3b1eb93624ddf1d3276db60e53620328420fbb6a8c2593e

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
id_br.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D3FB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id_br.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578f93ffa4f4bfabc4231039a273babd4049c7c385eb66c2998e4dd247c85076
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 07:34:10 GMT
x-content-type-options
nosniff
server
cafe
age
9162
etag
13139178976777033369
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3032
x-xss-protection
0
expires
Tue, 01 Jun 2021 07:34:10 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D3FB 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
2463
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 01 Jun 2021 09:25:49 GMT
l
www.google.com/ads/measurement/ Frame D3FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtzD1nMorOxCar4E50CydwVp8vz17M3Tjw8OyzStPgc8ITr-T7aRo0_m3CWJMHt08iWHqP5DH9-cd8go09rssbofz_jQ
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame D3FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqdS7PLW0YMDYDIrq3gOzz7uIC4TC99xi4a6h5f4KpvGG46ACEAEg1ceLaGDp5MmF2BqgAf_bisgDyAEB4AIAqAMBqgT-AU_Qi4SpQruvaLCRAHtxTArnsED8HQFXsP65XXR_sXZGyZCpURyeIyxfUJA-90QKNKmsdIND_KXcjVelxJyujMQ3khMpcjNwa2EVjRSx_iBaZhRSyQ28vYjORQ_xT440WSK06CW6ggeW-mgyi7uP5OgCkg0I6nj21YUUFmcFvC1JcwfnL0TufIJjU1BaOBH9RXM2HIx2J2aN-KMg9YWeaQHJBNKEVtzhHUfupv2FLC_i5iCwH948Vqhwx8RBQQLw60Y5mK-eDQr4qGQIov0U1o5rQYa7M7Q98GIB5JNRVINYqNgkL1ms52PskyDTlCIruXhq83vUIt4fpnxNzgM6wATvnOXZxALgBAGSBQQIBBgBkgUECAUYBIAH3tKAQagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCF_SHSCAkIgOGAEBABGB2ACgPICwHYEwyIFAPQFQGAFwGyFxoKGAgAEhRwdWItNTM5ODk4OTY4MDg0MTIyMQ&sigh=y6kbA4DgyYE&template_id=5001
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
food1.png
s0.2mdn.net/sadbundle/1130346860090257094/images/ Frame 099D 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/images/food1.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbf68c19281267c0308f43ddd817af6168f4177a996d1a8f9c001fd653e0a721
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:01:04 GMT
x-content-type-options
nosniff
age
43548
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13421
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 22:01:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D960 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuOHpDkqH4FPFSbaqYYjQqIqUCCprSKhT_4jBUm4vaKzDZ1n_D9qbejmxHteELdAN9SwGQoNaNtFB42BdaYW23xp6THpl1iwnsvkQsLSynmfRyAO__SHaQWNQTv7Aj4cCZiJMt-FCZ1De3YL6XqqTw4Q1pGaRxm58ty5wBUPba85SnB1CGD7lJH3pM_2A2UAs3i_LIKb1lHtYHTwUYUb6IzJviRSGD7wbDc1CnjfjxctuEdoVoOIAaF10-owTp3dpDZxG0rXUlNPJLnUe00plRLrPdzuNThYMYpqMPQxcvLI6CF1UQ516viDWCacBjQgeFsdNqmCbUXfDqwkCVMl3eELn__EZjjJcMKDUQXfy0uG7LwvA2_rOEeAsQKog92HMtUjt5Djwrt09gwSLuyNFyVcp0wZj4QK0PEiGhHu0eELfP4lUoVk5VpJsTwY9MiNS4ZnhUE1LJT4BuRgI56dVc77KiQh-rVJyIJOQHsZrDQn9Qe7XO0IMU9lHUsJkz69ngZSptJBv9HD4Sxbp1Ax2ohFleWqy4FuvOSLwDsEonuesst7r7vf8On3R48SqoeV-TOw21LOHShGEEkDh99f3NPGKcUuTfKqAjD3Kl2QuwIsTrQBUYOB7vFjadi9GXS3u4gyWIUnxXObo_Vp1x42XpiFPYda0ka4erE-acyK61a-PQ5N1HTYdYEt-k8-BaZlzARIVC-Zah-nlLoccm2zlRf4Oz6euCgSCuqWjAenvYk8qHzwqdohwP1AkKeHgZ6WS8hn8TxUts4s4L0W4OphfjdPhyavyHu7WcYG5yNTNHOMZkkI5n_llfqpKVViLrW6Sa1fOnoAtRylZJjggRdoMa14cd6TTxCsnLKknnRGYggMAoz7bTuzvxIbWa6Gg8VOaK6l2vsN5P1eL6vHiVbIxMGn9u5A6VHM7cEPHGDibiW--3018GATqC05d_GqSR6v022TJQFQOPKsH4M3MFM0WMLoYJXpZ3MEw-6lCQtRdoYcgx4oc2t4epV7ff80ylrMkkBu7jDUBj0rt1VKhowbPSFURw6RifVn9Aso_130jB_V5Dz15rO0EvE3mUOm6oHHYrIHitN8mXtoZUUGNv9DqcLDMpdbvo7D0Q8U3rOC93051QA44IvWr94LO1KxRh-kOVi0Ns_Fl4-Blr_jEWOvc3RNDQW2IXzils5e4Wocuavxu7Fo2o-ubpL9PldWWXWIsQrNz1nQTl8aSX-KGMt&sai=AMfl-YRQ0VTSKFB0Dcg7m-BRFFOibO0KZ1QMwwucDZjgGWGOWoxUBD5MYT5IgyuADLb-UJ014EuHZ66pCnAEW6WH0sJ7v1TGCSEbQW4iKQEiV02t7I7UNgGiHNjJ6X6kQcquOXCuNcJBbULrs0So_5qI5AiNGRRTfZOOAjIA0jPqwgWhp0Rbbi4n&sig=Cg0ArKJSzBWwHL5h07ONEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=297&vt=11&dtpt=171&dett=3&cstd=122&cisv=r20210524.94117&adurl=
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame D3FB 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://jalantikus.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
86594
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Mon, 30 May 2022 10:03:38 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame D3FB 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://jalantikus.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
258805
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:27 GMT
food2.png
s0.2mdn.net/sadbundle/1130346860090257094/images/ Frame 099D 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/images/food2.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07248133a686d33270a509ce988a16bd0af0b14cc680f25321034a27d3c2ae23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:01:04 GMT
x-content-type-options
nosniff
age
43548
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15853
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 22:01:04 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D3FB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 May 2021 10:06:52 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
id_br.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D3FB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id_br.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578f93ffa4f4bfabc4231039a273babd4049c7c385eb66c2998e4dd247c85076
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 07:34:10 GMT
x-content-type-options
nosniff
server
cafe
age
9162
etag
13139178976777033369
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3032
x-xss-protection
0
expires
Tue, 01 Jun 2021 07:34:10 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D3FB 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
2463
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 01 Jun 2021 09:25:49 GMT
food3.png
s0.2mdn.net/sadbundle/1130346860090257094/images/ Frame 099D 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/images/food3.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3adc52771907bc9687ce800b228a2aa22c57aa8693b02b5e8aae195d4e6fda60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:01:05 GMT
x-content-type-options
nosniff
age
43547
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19118
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 22:01:05 GMT
kup1.png
s0.2mdn.net/sadbundle/1130346860090257094/images/ Frame 099D 		703 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/images/kup1.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb383f8b278a2c18a5f14f6c2374a4cb13224a985a1a6907eca9ec882f3a075a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:01:05 GMT
x-content-type-options
nosniff
age
43547
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
703
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 22:01:05 GMT
push1.png
s0.2mdn.net/sadbundle/1130346860090257094/images/ Frame 099D 		532 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/images/push1.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fec3d37f15773a2345f97ba63ef48b3a653d9d3c7b717d5e19c1488fbe2aa072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:01:05 GMT
x-content-type-options
nosniff
age
43547
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
532
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 22:01:05 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6bc92316cf9b94564838ba2a15737f8da7279aaae366c47944d51e41f03bbf3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
tex1.png
s0.2mdn.net/sadbundle/1130346860090257094/images/ Frame 099D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/images/tex1.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194d069a54e01bfd1418158e53ba415d2197e0c8df612a9aba69854d0f499e2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:01:05 GMT
x-content-type-options
nosniff
age
43547
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1177
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 22:01:05 GMT
tex2.png
s0.2mdn.net/sadbundle/1130346860090257094/images/ Frame 099D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/images/tex2.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b63ff00ed0aeaf0251b242001f7f4b5787ee14062c7a212c3fb4d57944b284b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:01:05 GMT
x-content-type-options
nosniff
age
43547
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1399
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 22:01:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DE5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKKyKPLW0YL3GE_qHjuwPwomloAIAAAAAOAHgBAI&bg=!EBOlE1fNAAaMan2LjGo7ACkAdvg8Wm5ssC05hpvOUzmolABsyEkBFb21dn9KTe_3OUIBwFOUfSs53wIAAAFCUgAAABpoAQcKAO8RRU-iF7APl0ftX9uywjYohe6zWIDLH2ytKCtJjOaT3skWZWfxINGGbaCoWkvA9rFcqOCbwLTcS0l67aaHo9b-3WC1q136ARxFvuFIAABchyc90oCc-EPrWxZK7onkjXeuG9h2yTdO4pDgM6HWP_avL94EtRgHZfVPtg13XG2Uun-DwDxeRSRqM9s8VORY4cyn53dwd6OvLoqt-ihqfxISfhyJb1P4fOxI9MoGOaV1l2sDB7D90CF5XZUkWja1d9JAuZrXsKx92tYSyNKVzuPQ3XqQs5-N0czaoPNChMi8LxzKER56M0Z1SsrIcXIj5JkCpQKl-9xthwk96Ztw47LXaEKrnHCsABomtlSOOZ_K4SkcA0SyvuAAt9iothUSkOAH1ehZ2Lt3i7eOv1gtmoy1N90ZjbPxGiF__cZ60eP_QkFST_xIsPLUY_73yLrEGrxc8UoEPtCrNS2ja9n4x7eu1RZQsajSMD2dV9mj464j14SYVyBbJpdJEYw78B8GOLpEMZg59EPFoZf-y_L_S7kuSpqs7l51dreC7gv4pbwkDwc4g8gg-rrcmAWLXWdnecyzzWdrMue7S7MlkCVDuF2o8ovD_FSo2Zkv5oTcNRzxYIjHn6-ehZ9w-on9Jo5KsgzVWpSA8x0Hr5XJ-zdEhXqc5ml1fR3dy65OMXvOBAyTSnldSoRdyk3gTZV7tBU2XqUa3Jrt1MCiWKqKHuYYCsIA2fIbwZfv68TZ9_7Yr7VUhlqNkuEutXaJSwzWxIRG1p-j8UibYx0XDjcX0JmuDrA0tNMe1gs2Pl89H6judTr7CrsCrIrvcyvmsGmGYzY-gbHJH8Es_HCGgZP8k8Y8w3uxy8wf32RjY0vyec98KsNXlQlc2xLChrdzlRRCBOSD7ZnO1LLwv9e37e7XXk4srxbNYsdjQ5JlFJo6dWyFQ5u2WzKXUSknCh4LL4ClI0y2BX8a2xvdpLt_M0Wq4ASCJATMPE9Z6MWOs0s-acDbS8fB9uq5mBIDzSQ8jtzVlWgrR-TKLJ3nviP2pcut-QW_ZEX0b_c3VoKrxNxY9VkvW83gGpBriXU4De45lbuKONSOxjc184UC2Mq_Qj2NSfEZwpTv3kxkqU-Y-86RKrjcMs904NBvoIBGv7B1k05SRcCBVSY_NEHlMuriq6eimT-AtC2dlfFILvv6oxbJWwCxWOXtajWoOI4L_dgX_m0nHu079khVjR_5Vm0e
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tex3.png
s0.2mdn.net/sadbundle/1130346860090257094/images/ Frame 099D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/images/tex3.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c86fb30849621083592a7213bc9fffb74e89da1007adeca50f9e4e20baa00e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:01:05 GMT
x-content-type-options
nosniff
age
43547
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1648
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 22:01:05 GMT
tlo1.png
s0.2mdn.net/sadbundle/1130346860090257094/images/ Frame 099D 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1130346860090257094/images/tlo1.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c8f15ca48e7d1a113b6a27cd9ec6490df183aa8157c648a0d9a1c81413a1e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1130346860090257094/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:01:05 GMT
x-content-type-options
nosniff
age
43547
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7555
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 14:34:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 22:01:05 GMT
whatsapp-aero-logo-af2d7.jpg.webp
assets.jalantikus.com/assets/cache/85/85/apps/2020/03/04/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/85/85/apps/2020/03/04/whatsapp-aero-logo-af2d7.jpg.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
bc159f0c404f829a220e57919ab0850d1ee87a0decdb98e586b995aa37d14e4c
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:16 GMT
Last-Modified
Wed, 26 May 2021 16:39:34 GMT
Server
nginx
Etag
8b05b0ca6a73c57bdb40dd7804ae1d5d
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/webp
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
180.251.134.221
container.html
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4CF2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 31 May 2021 10:06:50 GMT
expires
Tue, 31 May 2022 10:06:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9A37 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGvPCZATAB&v=APEucNV2uAdUCsux1HLGJTECq_wfmNnQBmkkNy60Mzzjr07IaTxv1YFdj6AwVBzYdVrQqDYVn5epCaWIts3AbRkCTN4bv0oRV5LQwhLOA-46Wts2lxZcHhFSz60HP5IjadQil02b7gnhuWU6Mx8eDccxUoHxSLc35BRCikF8TYQs3-O3luLHMYE
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJfnugEQw7j0ARjGvPCZATAB&v=APEucNV2uAdUCsux1HLGJTECq_wfmNnQBmkkNy60Mzzjr07IaTxv1YFdj6AwVBzYdVrQqDYVn5epCaWIts3AbRkCTN4bv0oRV5LQwhLOA-46Wts2lxZcHhFSz60HP5IjadQil02b7gnhuWU6Mx8eDccxUoHxSLc35BRCikF8TYQs3-O3luLHMYE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUlU1j08Eao7SFzw9GMghMxymWtzjEbr9lflEJ7GJB_Bi7twm-JkkyVD5L4gXYc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 31 May 2021 10:06:53 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4CF2 		23 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYtpIg-IcmeO9N2C5og1L92AHKL0rFz1Xn3LzGUgtkdtJ78unmh0chGFbU3rOpdi3oFfiUMNQjIj5ug6-tC-by1PPxUzXwDnTzravG_XTM4_koHEsMoPv1nsTXK7QLeKXhS3N6PHSWr-QwwisrmXqzGneQlw&cry=1&dbm_d=AKAmf-BHmgaFi2Uxm7ala7RGGiyI8ss2ohw-sDbMa-RjxwkRvFatz8xBTlwx6dKf3sYYyrtF_nSSOpgb1jmHpMK7PIr4Oz80tui0Qjbk4FPnNEfkdTTcr8D9YmN7LaaIf7mIC9n3MEyBBv4NPU7-DwqPhDBLH3DC1bcuvM2iuQwO-gkMVVpKkv-JCbo2iGLHfI9-mcb0bRIegbL_9ztRK8uH6g4G-wssVX-uA-VAMsyXreTFM6HkdPCQhDXi9nr3tvbyag7fA8CzY0VuGuqj4qjw1f-Y2YhOU7HR1TimAProcP3kztuvuOLvRSmhLXycz2TngPKHcY9qKnOjejfm1LLKg-QPz2VMOd4fEA10RDSeZ9acDaarRwHhzP34twGywgZij9iT_fq8iBZlAEbNjmqofQRRGUasE-kJtfggaK0svOXrdR7wFd8356R4zwPivAAeJyj7p2DdIKIHwajKOdIP1ZkOLBawV_3HaxCqjtebg617yUymlYWmDNfATQ3SY2HzJyfV_6MO1DW7KERwEjncaChciJmB6HHcqxeP032wpj_hAP4hj9AfN9btOb2XZrFC5DN45NGj48Zr7aKK0P4jcMUJDLz-Z4toH0Hj2Fs1Y1Usb1YEJUzcUAcAwJ0pQCFMH6-RJ78Hy_eJtf8ec-ItbCbFiQzk5cOb9aNVLEI-3xbhqrkJvHqMMBSU7LhqpdeJJ4xPtKtMeVVBQz9NUkCITAkuzgHQvGPU6UEQJwg-zdnHHxrvC07kelS3xnNPofvFjkYSw62dQWCrMRNyg95qrFH3f6PgrCDXHKq_uHg8pW86dkIFBZUDzWCHodzGUFazvrvSdFqN6HsiQ2xQa1-n1U_BzZA1h1v7YF36CBvMt-0lLACQQ_-Ei8tmVDoBg7dQE2VEbUHvZCPLhO5Et0MUzLAqZbf1sSqccIS2qjs_5gcH8bRypleEQsyOk78gco5GSd-kMGZs9Jzl9xlP0dgDjYXMfNjsEfxk1fj8L32rEBg940HCRaTEdaBp8F8RpX5mQ5fvv9DJrnxq7mq3uwRCub6GSmCfBBM9cxxZP4X2fmEdUiSg9cwibt2DOGtWt6KcMbrFzXexLxzqfEIyHMs2v548T3_xsXEQEaeuvwbrQI842FMfcwydxRlro1pa4jAT-xh8oW8uqqzrMP6Gnic3_HtYirA5k6QTqmUEMfVKRV-KzZRtESxCP7Jj5QQL9mnTNtCPokn5v9gGQeeloj088aRai05JWVGmV-cKkWSX79eha4rlh-4YCziPIf_RYhXQo9yvjyqjUNPw_x5_PT9Jwu8_jAsar3bTmqaMqb_CO-isI8rbCJWEinOVStkTiUXg7mFPiTfj8UBGjdEb3N2yozO_IlcxNilrr6ZS33QU2wlQyLKWXDMh3iXyXzf4tyTsLD3miNpq9hIe5VGOwHg69kW9OS_TFSDOantIcWtYI_XyeDE2DDUUIsG9JUNx07jvKABYpLdKdDUbGSTciy4V1DMnOOxvY_GIGew_d2YI3TyeT07OmMxMDE8_rx-auy9eKNGBKNlsShGdm9jzqdImhHNHXAn7u-ok2sq2ch0Ai6Q0gblq9Ugm_1S9LveD01DyIjmJDKkmRPfIkkatOvjl4YtfirfL7Wtn35tUJbpvrottuq514qXeSgh1VYPmd5L53bm43GJUNllLT6Y4MR342D-MqUM_-TB1o-dt73OgV57z0VZMm1Bqe175WCIKH4DQmWZK-rjZl8UOmWpGLNySfK2N7UOhXH4tjwF9qYLw0psMQCF2tHw4977VbY-iFxiIDZENMqP-U2T1r_mTF1Mw2VENmx1B8cPtca22aIJLIOca-CkZlE5kDK1HL2zUQEo6_Z8bpPAibC7DdkevZG_POqJfJi8VgMDPxH1PpRM7z2qWS8c295uxlVHYMa2DHPUG-pf_z812wqelAlAyT7xSQxg5jfwSxs_zsdcvNCzgUQcmE123IfveNgSNA1ynbNMN6F0VtCfcxVlvNsrRafKGfQbTXbhnEGYwW2xhVkyPlfnIdvNYEXVBDqmsGX6njZAID3_PvSZbjwqEkcRpA2WZXVahsJ4fTx3ws9V2f7cOa4lhdJgyEo5EQTLWxSKTrbf3b3Mnru11SLkVM3NHffa_XOlkdgNjDk1tYatb8tN0hrLzkPiNsh8J7VeE7r42Tl_Ead58FmPEMyWfZ73_ektlt81O-tdFn66uI4Isrkz2-2f2AmBkDcyNFjEn2_l1Sco6k2jJfLCG-x_DZzhQtn09AE8PQkZRcUGZksxZs_Eu5DMXAQbz6jncIo7fZh91pRYZWLWf8Zz-yoErOlUQr7Jpw0QZDFbggqde7jdg-MnJAwuwrDVDdTISze3pdX1C6duIQeOwwyGKbD_4v6bkKCzGSvWfPhqGEsBu5eVyLjlj5L6ytkJ4orkTeroiPvlLsMqF08_Xzm_UaIU238q7RhLXoEjHSN3TVglGNe1rRtNDwFBES3-xLIiRm6ee8WiPaKL09mtI9cC4-7-vWwARaoqNmpDjZMoKPTuskF0TfXj3zPWO22gF0TBcG3zqrQ2VpMQ3in3TrlbeY49_2wkHzq_ZKSIUBl5JJXxYlaaPtz3ujeJiVyZDzSaDhLbA6wuiyCbxXXwREt68B_tT4AX7vAxTewq9QuC2G_liJ2hw4IGVfhIEVeWHetgh4a9AcnoCiw5Zl7tkVT0AjizSQmdn9WzvQwnqWeJ_hzKnabpMBr17xSKZAdUaFjJ12DHbWIvUwy9w3qbzrlUPfizym32xqLBI9gO4URhesrLbIAZaidlZns5fP1gxsLn_UDi6emPgx1OfCpZjOmnRfI6At04I_mrNUngycfMMuFzWxSpV5QN0860OvVMTTKzKOMk19PecLD-FFFpdaiiKdxw02x9BQrmb_ujhhak0dUMDaiBGcQ4gU7HUoOkhvxu7obTuYEjuFmSZIbHSTaGY3BHVZsMBwPNyVfCFtR8uSkK0V5mUEdMC8zlt9QBtX1jihZkNqp70RnckopUYRLlq99fpKk8HmjHOpG0IXREyyQ&cid=CAASEuRogrlPVsi3YEbDHWJPCr_rWg&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e57ca03e0c7b84832d0cee4773a90b6724e721d6ed106117eb08e263dfac4be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12042
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CF2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BnX8pqbj9VfipmhkqzHXIbPCzAPZlVJo_KU2acSIGXesQw5vk7S7V_bOxecEsymwlcgAjhqeGmImWfjhQXmlXq7WhOa7_OTuNpllfqbnqTp_jU-_4
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 4CF2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4231780&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iG_SKmVBQwFRVZXa_lxeVe&DVP_DBM_1=3060631&DVP_DBM_2=11817069&DVP_DBM_3=32228565&DVP_DBM_4=322707014&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=53785174135&turl=https://jalantikus.com/apps/download/5566/20670/&DVP_PP_BUNDLE_ID=
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b6b0cae917b7cab30c559158025a1bbd5d2a026aa792934722b30e075abdf65f

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 May 2021 09:31:37 GMT
Server
Microsoft-IIS/10.0
ETag
"318354c1ff55d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame 4CF2 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iG_SKmVBQwFRVZXa_lxeVe&DVP_DBM_1=3060631&DVP_DBM_2=11817069&DVP_DBM_3=32228565&DVP_DBM_4=322707014&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=53785174135&turl=https://jalantikus.com/apps/download/5566/20670/&DVP_PP_BUNDLE_ID=
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
584b0accadc79e1b7911494b1fa3200666a59fbff926a255428ecd90367f55b3

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 May 2021 19:20:43 GMT
Server
Microsoft-IIS/10.0
ETag
"80b738e28855d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3196
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 4CF2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:05:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4CF2 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 10:06:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 4CF2 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 09:58:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 09:58:14 GMT
l
www.google.com/ads/measurement/ Frame 4CF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgagis6AvZocX5ZfOKGMf25kfmRbWLZxtxM9EIeca3iXWLiL6F1XR3btW2hCKL9yFMUpJM9U1ZctYd-FhjW8DwpxHQpQ
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gogo-live-mod-2d652.png.webp
assets.jalantikus.com/assets/cache/85/85/apps/2019/09/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/85/85/apps/2019/09/04/gogo-live-mod-2d652.png.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:17 GMT
Last-Modified
Wed, 26 May 2021 16:39:34 GMT
Server
nginx
Etag
6855895b99413e3458e5d59dab769c91
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/webp
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
180.251.134.221
inshot-pro-apk-logo-745a0.jpg.webp
assets.jalantikus.com/assets/cache/85/85/apps/2020/07/29/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/85/85/apps/2020/07/29/inshot-pro-apk-logo-745a0.jpg.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
94ba87e291dd9b359fb5338addded345be10063646c3d2d94f8694981984ad93
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:17 GMT
Last-Modified
Wed, 26 May 2021 16:39:34 GMT
Server
nginx
Etag
c4edf8bedfa9fcb7ad212d26a5b21b43
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/webp
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
180.251.134.221
minecraft-icon.png.webp
assets.jalantikus.com/assets/cache/85/85/games/2015/06/02/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/85/85/games/2015/06/02/minecraft-icon.png.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
1f95e6cfd985a71f23b49669bf804b3cd475fb3ff5b9a07146f1532b1e9ab6f8
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:17 GMT
Last-Modified
Wed, 26 May 2021 16:39:51 GMT
Server
nginx
Etag
1004a233d6fcea1c59fa7c166efc677b
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/webp
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
120.188.94.155
b1105e40b46e40d86d20e7ba18c21327-79b5e.png.webp
assets.jalantikus.com/assets/cache/85/85/games/2020/11/27/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/85/85/games/2020/11/27/b1105e40b46e40d86d20e7ba18c21327-79b5e.png.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:17 GMT
Last-Modified
Wed, 26 May 2021 16:43:49 GMT
Server
nginx
Etag
7a295a7df489214f06aeabd5a2a663b3
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/webp
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
182.3.134.37
carx-drift-racing-2-mod-apk-2b328.png.webp
assets.jalantikus.com/assets/cache/85/85/games/2020/10/06/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/85/85/games/2020/10/06/carx-drift-racing-2-mod-apk-2b328.png.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:17 GMT
Last-Modified
Wed, 26 May 2021 16:42:04 GMT
Server
nginx
Etag
f925c6d2fb11427302ca458b0d71e280
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/webp
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
180.249.116.251
cooking-fever-mod-apk-d91f6.png.webp
assets.jalantikus.com/assets/cache/85/85/games/2020/10/05/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/85/85/games/2020/10/05/cooking-fever-mod-apk-d91f6.png.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:17 GMT
Last-Modified
Wed, 26 May 2021 16:42:04 GMT
Server
nginx
Etag
fda9562bd6dc842bc73bb40fe379e343
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/webp
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
180.249.116.251
rum
dsum-sec.casalemedia.com/ Frame 9A37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiR9ttVM7w08sPMWglkjRo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiR9ttVM7w08sPMWglkjRo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGvPCZATAB&v=APEucNV2uAdUCsux1HLGJTECq_wfmNnQBmkkNy60Mzzjr07IaTxv1YFdj6AwVBzYdVrQqDYVn5epCaWIts3AbRkCTN4bv0oRV5LQwhLOA-46Wts2lxZcHhFSz60HP5IjadQil02b7gnhuWU6Mx8eDccxUoHxSLc35BRCikF8TYQs3-O3luLHMYE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 May 2021 10:06:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiR9ttVM7w08sPMWglkjRo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9A37
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLS1PJNteg5au2BxtgabywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiR9ttVM7w08sPMWglkjRo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiR9ttVM7w08sPMWglkjRo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGvPCZATAB&v=APEucNV2uAdUCsux1HLGJTECq_wfmNnQBmkkNy60Mzzjr07IaTxv1YFdj6AwVBzYdVrQqDYVn5epCaWIts3AbRkCTN4bv0oRV5LQwhLOA-46Wts2lxZcHhFSz60HP5IjadQil02b7gnhuWU6Mx8eDccxUoHxSLc35BRCikF8TYQs3-O3luLHMYE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 May 2021 10:06:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiR9ttVM7w08sPMWglkjRo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9A37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBO-QvA5AFHvN-2wZqHvufg&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBO-QvA5AFHvN-2wZqHvufg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGvPCZATAB&v=APEucNV2uAdUCsux1HLGJTECq_wfmNnQBmkkNy60Mzzjr07IaTxv1YFdj6AwVBzYdVrQqDYVn5epCaWIts3AbRkCTN4bv0oRV5LQwhLOA-46Wts2lxZcHhFSz60HP5IjadQil02b7gnhuWU6Mx8eDccxUoHxSLc35BRCikF8TYQs3-O3luLHMYE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:53 GMT
X-Proxy-Origin
37.120.211.116; 37.120.211.116; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.136:80
AN-X-Request-Uuid
bb325159-545b-49e9-b5d1-824522a7fdda
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBO-QvA5AFHvN-2wZqHvufg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9A37
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODY5OTk4ODA3OTU4ODAwMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODY5OTk4ODA3OTU4ODAwMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGvPCZATAB&v=APEucNV2uAdUCsux1HLGJTECq_wfmNnQBmkkNy60Mzzjr07IaTxv1YFdj6AwVBzYdVrQqDYVn5epCaWIts3AbRkCTN4bv0oRV5LQwhLOA-46Wts2lxZcHhFSz60HP5IjadQil02b7gnhuWU6Mx8eDccxUoHxSLc35BRCikF8TYQs3-O3luLHMYE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:53 GMT
X-Proxy-Origin
37.120.211.116; 37.120.211.116; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.145:80
AN-X-Request-Uuid
bca17f74-350e-483b-bc05-35f7e328b773
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODY5OTk4ODA3OTU4ODAwMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 4CF2 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYtpIg-IcmeO9N2C5og1L92AHKL0rFz1Xn3LzGUgtkdtJ78unmh0chGFbU3rOpdi3oFfiUMNQjIj5ug6-tC-by1PPxUzXwDnTzravG_XTM4_koHEsMoPv1nsTXK7QLeKXhS3N6PHSWr-QwwisrmXqzGneQlw&cry=1&dbm_d=AKAmf-BHmgaFi2Uxm7ala7RGGiyI8ss2ohw-sDbMa-RjxwkRvFatz8xBTlwx6dKf3sYYyrtF_nSSOpgb1jmHpMK7PIr4Oz80tui0Qjbk4FPnNEfkdTTcr8D9YmN7LaaIf7mIC9n3MEyBBv4NPU7-DwqPhDBLH3DC1bcuvM2iuQwO-gkMVVpKkv-JCbo2iGLHfI9-mcb0bRIegbL_9ztRK8uH6g4G-wssVX-uA-VAMsyXreTFM6HkdPCQhDXi9nr3tvbyag7fA8CzY0VuGuqj4qjw1f-Y2YhOU7HR1TimAProcP3kztuvuOLvRSmhLXycz2TngPKHcY9qKnOjejfm1LLKg-QPz2VMOd4fEA10RDSeZ9acDaarRwHhzP34twGywgZij9iT_fq8iBZlAEbNjmqofQRRGUasE-kJtfggaK0svOXrdR7wFd8356R4zwPivAAeJyj7p2DdIKIHwajKOdIP1ZkOLBawV_3HaxCqjtebg617yUymlYWmDNfATQ3SY2HzJyfV_6MO1DW7KERwEjncaChciJmB6HHcqxeP032wpj_hAP4hj9AfN9btOb2XZrFC5DN45NGj48Zr7aKK0P4jcMUJDLz-Z4toH0Hj2Fs1Y1Usb1YEJUzcUAcAwJ0pQCFMH6-RJ78Hy_eJtf8ec-ItbCbFiQzk5cOb9aNVLEI-3xbhqrkJvHqMMBSU7LhqpdeJJ4xPtKtMeVVBQz9NUkCITAkuzgHQvGPU6UEQJwg-zdnHHxrvC07kelS3xnNPofvFjkYSw62dQWCrMRNyg95qrFH3f6PgrCDXHKq_uHg8pW86dkIFBZUDzWCHodzGUFazvrvSdFqN6HsiQ2xQa1-n1U_BzZA1h1v7YF36CBvMt-0lLACQQ_-Ei8tmVDoBg7dQE2VEbUHvZCPLhO5Et0MUzLAqZbf1sSqccIS2qjs_5gcH8bRypleEQsyOk78gco5GSd-kMGZs9Jzl9xlP0dgDjYXMfNjsEfxk1fj8L32rEBg940HCRaTEdaBp8F8RpX5mQ5fvv9DJrnxq7mq3uwRCub6GSmCfBBM9cxxZP4X2fmEdUiSg9cwibt2DOGtWt6KcMbrFzXexLxzqfEIyHMs2v548T3_xsXEQEaeuvwbrQI842FMfcwydxRlro1pa4jAT-xh8oW8uqqzrMP6Gnic3_HtYirA5k6QTqmUEMfVKRV-KzZRtESxCP7Jj5QQL9mnTNtCPokn5v9gGQeeloj088aRai05JWVGmV-cKkWSX79eha4rlh-4YCziPIf_RYhXQo9yvjyqjUNPw_x5_PT9Jwu8_jAsar3bTmqaMqb_CO-isI8rbCJWEinOVStkTiUXg7mFPiTfj8UBGjdEb3N2yozO_IlcxNilrr6ZS33QU2wlQyLKWXDMh3iXyXzf4tyTsLD3miNpq9hIe5VGOwHg69kW9OS_TFSDOantIcWtYI_XyeDE2DDUUIsG9JUNx07jvKABYpLdKdDUbGSTciy4V1DMnOOxvY_GIGew_d2YI3TyeT07OmMxMDE8_rx-auy9eKNGBKNlsShGdm9jzqdImhHNHXAn7u-ok2sq2ch0Ai6Q0gblq9Ugm_1S9LveD01DyIjmJDKkmRPfIkkatOvjl4YtfirfL7Wtn35tUJbpvrottuq514qXeSgh1VYPmd5L53bm43GJUNllLT6Y4MR342D-MqUM_-TB1o-dt73OgV57z0VZMm1Bqe175WCIKH4DQmWZK-rjZl8UOmWpGLNySfK2N7UOhXH4tjwF9qYLw0psMQCF2tHw4977VbY-iFxiIDZENMqP-U2T1r_mTF1Mw2VENmx1B8cPtca22aIJLIOca-CkZlE5kDK1HL2zUQEo6_Z8bpPAibC7DdkevZG_POqJfJi8VgMDPxH1PpRM7z2qWS8c295uxlVHYMa2DHPUG-pf_z812wqelAlAyT7xSQxg5jfwSxs_zsdcvNCzgUQcmE123IfveNgSNA1ynbNMN6F0VtCfcxVlvNsrRafKGfQbTXbhnEGYwW2xhVkyPlfnIdvNYEXVBDqmsGX6njZAID3_PvSZbjwqEkcRpA2WZXVahsJ4fTx3ws9V2f7cOa4lhdJgyEo5EQTLWxSKTrbf3b3Mnru11SLkVM3NHffa_XOlkdgNjDk1tYatb8tN0hrLzkPiNsh8J7VeE7r42Tl_Ead58FmPEMyWfZ73_ektlt81O-tdFn66uI4Isrkz2-2f2AmBkDcyNFjEn2_l1Sco6k2jJfLCG-x_DZzhQtn09AE8PQkZRcUGZksxZs_Eu5DMXAQbz6jncIo7fZh91pRYZWLWf8Zz-yoErOlUQr7Jpw0QZDFbggqde7jdg-MnJAwuwrDVDdTISze3pdX1C6duIQeOwwyGKbD_4v6bkKCzGSvWfPhqGEsBu5eVyLjlj5L6ytkJ4orkTeroiPvlLsMqF08_Xzm_UaIU238q7RhLXoEjHSN3TVglGNe1rRtNDwFBES3-xLIiRm6ee8WiPaKL09mtI9cC4-7-vWwARaoqNmpDjZMoKPTuskF0TfXj3zPWO22gF0TBcG3zqrQ2VpMQ3in3TrlbeY49_2wkHzq_ZKSIUBl5JJXxYlaaPtz3ujeJiVyZDzSaDhLbA6wuiyCbxXXwREt68B_tT4AX7vAxTewq9QuC2G_liJ2hw4IGVfhIEVeWHetgh4a9AcnoCiw5Zl7tkVT0AjizSQmdn9WzvQwnqWeJ_hzKnabpMBr17xSKZAdUaFjJ12DHbWIvUwy9w3qbzrlUPfizym32xqLBI9gO4URhesrLbIAZaidlZns5fP1gxsLn_UDi6emPgx1OfCpZjOmnRfI6At04I_mrNUngycfMMuFzWxSpV5QN0860OvVMTTKzKOMk19PecLD-FFFpdaiiKdxw02x9BQrmb_ujhhak0dUMDaiBGcQ4gU7HUoOkhvxu7obTuYEjuFmSZIbHSTaGY3BHVZsMBwPNyVfCFtR8uSkK0V5mUEdMC8zlt9QBtX1jihZkNqp70RnckopUYRLlq99fpKk8HmjHOpG0IXREyyQ&cid=CAASEuRogrlPVsi3YEbDHWJPCr_rWg&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8609
x-xss-protection
0
server
cafe
etag
7365582700020686358
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:03:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4CF2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYtpIg-IcmeO9N2C5og1L92AHKL0rFz1Xn3LzGUgtkdtJ78unmh0chGFbU3rOpdi3oFfiUMNQjIj5ug6-tC-by1PPxUzXwDnTzravG_XTM4_koHEsMoPv1nsTXK7QLeKXhS3N6PHSWr-QwwisrmXqzGneQlw&cry=1&dbm_d=AKAmf-BHmgaFi2Uxm7ala7RGGiyI8ss2ohw-sDbMa-RjxwkRvFatz8xBTlwx6dKf3sYYyrtF_nSSOpgb1jmHpMK7PIr4Oz80tui0Qjbk4FPnNEfkdTTcr8D9YmN7LaaIf7mIC9n3MEyBBv4NPU7-DwqPhDBLH3DC1bcuvM2iuQwO-gkMVVpKkv-JCbo2iGLHfI9-mcb0bRIegbL_9ztRK8uH6g4G-wssVX-uA-VAMsyXreTFM6HkdPCQhDXi9nr3tvbyag7fA8CzY0VuGuqj4qjw1f-Y2YhOU7HR1TimAProcP3kztuvuOLvRSmhLXycz2TngPKHcY9qKnOjejfm1LLKg-QPz2VMOd4fEA10RDSeZ9acDaarRwHhzP34twGywgZij9iT_fq8iBZlAEbNjmqofQRRGUasE-kJtfggaK0svOXrdR7wFd8356R4zwPivAAeJyj7p2DdIKIHwajKOdIP1ZkOLBawV_3HaxCqjtebg617yUymlYWmDNfATQ3SY2HzJyfV_6MO1DW7KERwEjncaChciJmB6HHcqxeP032wpj_hAP4hj9AfN9btOb2XZrFC5DN45NGj48Zr7aKK0P4jcMUJDLz-Z4toH0Hj2Fs1Y1Usb1YEJUzcUAcAwJ0pQCFMH6-RJ78Hy_eJtf8ec-ItbCbFiQzk5cOb9aNVLEI-3xbhqrkJvHqMMBSU7LhqpdeJJ4xPtKtMeVVBQz9NUkCITAkuzgHQvGPU6UEQJwg-zdnHHxrvC07kelS3xnNPofvFjkYSw62dQWCrMRNyg95qrFH3f6PgrCDXHKq_uHg8pW86dkIFBZUDzWCHodzGUFazvrvSdFqN6HsiQ2xQa1-n1U_BzZA1h1v7YF36CBvMt-0lLACQQ_-Ei8tmVDoBg7dQE2VEbUHvZCPLhO5Et0MUzLAqZbf1sSqccIS2qjs_5gcH8bRypleEQsyOk78gco5GSd-kMGZs9Jzl9xlP0dgDjYXMfNjsEfxk1fj8L32rEBg940HCRaTEdaBp8F8RpX5mQ5fvv9DJrnxq7mq3uwRCub6GSmCfBBM9cxxZP4X2fmEdUiSg9cwibt2DOGtWt6KcMbrFzXexLxzqfEIyHMs2v548T3_xsXEQEaeuvwbrQI842FMfcwydxRlro1pa4jAT-xh8oW8uqqzrMP6Gnic3_HtYirA5k6QTqmUEMfVKRV-KzZRtESxCP7Jj5QQL9mnTNtCPokn5v9gGQeeloj088aRai05JWVGmV-cKkWSX79eha4rlh-4YCziPIf_RYhXQo9yvjyqjUNPw_x5_PT9Jwu8_jAsar3bTmqaMqb_CO-isI8rbCJWEinOVStkTiUXg7mFPiTfj8UBGjdEb3N2yozO_IlcxNilrr6ZS33QU2wlQyLKWXDMh3iXyXzf4tyTsLD3miNpq9hIe5VGOwHg69kW9OS_TFSDOantIcWtYI_XyeDE2DDUUIsG9JUNx07jvKABYpLdKdDUbGSTciy4V1DMnOOxvY_GIGew_d2YI3TyeT07OmMxMDE8_rx-auy9eKNGBKNlsShGdm9jzqdImhHNHXAn7u-ok2sq2ch0Ai6Q0gblq9Ugm_1S9LveD01DyIjmJDKkmRPfIkkatOvjl4YtfirfL7Wtn35tUJbpvrottuq514qXeSgh1VYPmd5L53bm43GJUNllLT6Y4MR342D-MqUM_-TB1o-dt73OgV57z0VZMm1Bqe175WCIKH4DQmWZK-rjZl8UOmWpGLNySfK2N7UOhXH4tjwF9qYLw0psMQCF2tHw4977VbY-iFxiIDZENMqP-U2T1r_mTF1Mw2VENmx1B8cPtca22aIJLIOca-CkZlE5kDK1HL2zUQEo6_Z8bpPAibC7DdkevZG_POqJfJi8VgMDPxH1PpRM7z2qWS8c295uxlVHYMa2DHPUG-pf_z812wqelAlAyT7xSQxg5jfwSxs_zsdcvNCzgUQcmE123IfveNgSNA1ynbNMN6F0VtCfcxVlvNsrRafKGfQbTXbhnEGYwW2xhVkyPlfnIdvNYEXVBDqmsGX6njZAID3_PvSZbjwqEkcRpA2WZXVahsJ4fTx3ws9V2f7cOa4lhdJgyEo5EQTLWxSKTrbf3b3Mnru11SLkVM3NHffa_XOlkdgNjDk1tYatb8tN0hrLzkPiNsh8J7VeE7r42Tl_Ead58FmPEMyWfZ73_ektlt81O-tdFn66uI4Isrkz2-2f2AmBkDcyNFjEn2_l1Sco6k2jJfLCG-x_DZzhQtn09AE8PQkZRcUGZksxZs_Eu5DMXAQbz6jncIo7fZh91pRYZWLWf8Zz-yoErOlUQr7Jpw0QZDFbggqde7jdg-MnJAwuwrDVDdTISze3pdX1C6duIQeOwwyGKbD_4v6bkKCzGSvWfPhqGEsBu5eVyLjlj5L6ytkJ4orkTeroiPvlLsMqF08_Xzm_UaIU238q7RhLXoEjHSN3TVglGNe1rRtNDwFBES3-xLIiRm6ee8WiPaKL09mtI9cC4-7-vWwARaoqNmpDjZMoKPTuskF0TfXj3zPWO22gF0TBcG3zqrQ2VpMQ3in3TrlbeY49_2wkHzq_ZKSIUBl5JJXxYlaaPtz3ujeJiVyZDzSaDhLbA6wuiyCbxXXwREt68B_tT4AX7vAxTewq9QuC2G_liJ2hw4IGVfhIEVeWHetgh4a9AcnoCiw5Zl7tkVT0AjizSQmdn9WzvQwnqWeJ_hzKnabpMBr17xSKZAdUaFjJ12DHbWIvUwy9w3qbzrlUPfizym32xqLBI9gO4URhesrLbIAZaidlZns5fP1gxsLn_UDi6emPgx1OfCpZjOmnRfI6At04I_mrNUngycfMMuFzWxSpV5QN0860OvVMTTKzKOMk19PecLD-FFFpdaiiKdxw02x9BQrmb_ujhhak0dUMDaiBGcQ4gU7HUoOkhvxu7obTuYEjuFmSZIbHSTaGY3BHVZsMBwPNyVfCFtR8uSkK0V5mUEdMC8zlt9QBtX1jihZkNqp70RnckopUYRLlq99fpKk8HmjHOpG0IXREyyQ&cid=CAASEuRogrlPVsi3YEbDHWJPCr_rWg&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65175
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 16:00:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3478 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 30 May 2021 16:00:38 GMT
expires
Mon, 30 May 2022 16:00:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65175
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvbs_src_internal92.js
cdn.doubleverify.com/ Frame 4CF2 		90 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal92.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4231780&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iG_SKmVBQwFRVZXa_lxeVe&DVP_DBM_1=3060631&DVP_DBM_2=11817069&DVP_DBM_3=32228565&DVP_DBM_4=322707014&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=53785174135&turl=https://jalantikus.com/apps/download/5566/20670/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f46276798aa4c8a194549f07115cb1ad5298f6168a6bc5d193f43d5f1e60d315

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 May 2021 09:31:53 GMT
Server
Microsoft-IIS/10.0
ETag
"804a50caff55d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19711
bst2tv3.html
cdn3.doubleverify.com/ Frame 2C85 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal92.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=42493
Date
Mon, 31 May 2021 10:06:53 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 4CF2 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_868594937511&jsTagObjCallback=__tagObject_callback_868594937511&num=6&ctx=1828362&cmp=115845&plc=4231780&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=868594937511&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.50&dvpx_strhd=0.50&brid=0&brver=&bridua=3&dup=null&turl=https://jalantikus.com/apps/download/5566/20670/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iG_SKmVBQwFRVZXa_lxeVe&DVP_DBM_1=3060631&DVP_DBM_2=11817069&DVP_DBM_3=32228565&DVP_DBM_4=322707014&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=53785174135&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=140&eparams=DC4FC%3Dl9EEADTbpTauTau%3B2%3D2%3FE%3A%3CFD%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3B2%3D2%3FE%3A%3CFD%5D4%40%3ETar9EEADTbpTauTau3bde2ga7g%60g3ea2chbb3bb4_c37a65c6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3B2%3D2%3FE%3A%3CFD%5D4%40%3ETau2AADTau5%40H%3F%3D%4025TauddeeTaua_ef_Tau&dvp_exetime=11.20
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal92.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4def68342b5b31c55497a9ce159a52ac322a42bbf68698541bcb0dc1a5266672

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Date
Mon, 31 May 2021 10:06:53 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
5/30/2021 10:06:53 AM
dv-match6.js
cdn.doubleverify.com/ Frame 1F4F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=28064
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame 3478 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 06:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
100459
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Mon, 30 May 2022 06:12:34 GMT
kkk-d7af9.png.webp
assets.jalantikus.com/assets/cache/85/85/apps/2020/09/17/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/85/85/apps/2020/09/17/kkk-d7af9.png.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:18 GMT
Last-Modified
Wed, 26 May 2021 16:39:34 GMT
Server
nginx
Etag
2829c7567a519de2f5079cbf6dbb7051
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/webp
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
180.251.134.221
dcmads.js
www.googletagservices.com/dcm/ Frame 4CF2 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal92.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbc18bfcdb63aa599b390c356eeb1669bc3c89d83e7cbdb89bf14ac8e29a5b4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 09:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 13:56:09 GMT
server
sffe
age
911
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3772
x-xss-protection
0
expires
Mon, 31 May 2021 10:51:42 GMT
bsevent.gif
tps20519.doubleverify.com/ Frame 4CF2 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20519.doubleverify.com/bsevent.gif?impid=b83878665e7141ea97565adc061594ec&dvp_or2=1&cbust=1622455613323400
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
5/30/2021 10:06:53 AM
bsevent.gif
tps20519.doubleverify.com/ Frame 4CF2 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20519.doubleverify.com/bsevent.gif?impid=b83878665e7141ea97565adc061594ec&pltfrm=Linux%20x86_64&DVPF_IBV_BUNDLE=&dvp_ndp_sow=1600&dvp_ndp_soh=1200&dvp_ac_version=0506&dvp_ndp6=false&dvp_acifd=0&bsigr=17179869200&cbust=1622455613324807
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
5/30/2021 10:06:53 AM
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3478 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQ97fPbW0YK3_BZaK7_UPrai44AMAAAAAOAHgBAI&bg=!lpWlldHNAAaMan2LjGo7ACkAdvg8Wqwsa--fdFlLiG5T9GNsUDC1J7ehQinOnjq9HKsQJ9kk2JhEMAIAAABsUgAAAA5oAQeZAo-oqD5UVr7pxHUBRLf1WfprVb6gDpJdIQe5vUtDUqKp-mCiHW_XmwS7QgPMmPtgd9w0kWD35PMj_tmbDmFeGEeTzcgICWG5Py8ENAMCFYdZuT5fgK6ThaV-Y2Ic7H_X8ft6NgztxqXXlhz5-xN9v55Rtxq4LjgX9sxa0v2-4FXn4sO7uUpt3WeTtnmgh5hSCCBGJt8kb-p1CsX4vgQmBRfwKLwHoek6lls59Wo5xBeVFuxE6FwiPDK-iwfJV9PHNgW24kNiGDkGhy9_sLoqmeQWHCjXGqxG5P53J_1HSa-v3-8uPQ0fXDrd783jOD-aN-zc77JZdhOiZ8k83CQCX2D1pyNLbF5q0KSpsTKtuSx6FLQZEghyFkJ3KOIBKmI3zRPl21Zxnh8d6d8pBveChioBmY5NNZpJYyDFhd39GRcDVIZlUvgzu4R2pxB4AdPwXrLQd6tNlC1hOT2j4n107C63x-5P4tu2Lc_QMVmz3dwPiUX7K4DXO5Yl3nuK0nbIT3GYDRBLaxjNxmoeuO4SwPTnb7EqcL6wAe7rWWiRG6SJ-TCdK4kvXTAJPZtS_fX_6050fPLI7ntGDOIRM-BhEN-wsEMXRGDKRsbyjLA1TlQbShXu-FMnMzY4vsgYuIdbBomqqng9KvMNLr_5iKK3UaRSnV2w8G9kCCQVKIxsZT_6GMplb1Fe-YgqjPq-KaIlTDxIua51ftNVX874ZKKdWrsNiDF2rAPEVfzBTIeL963vYhqAKd8OU04AbeEZ580r4zKAtlGyLU7NVCVtAU7vfVKC4eMVARzhvt-dH1oL-yEVxaMz89SbUWZky1vZr12W_VgFlol4vbkyhnV0kXM1OVM7Gf7iF2E36njpANOrj6Fm
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v72.js
www.googletagservices.com/dcm/ Frame 4CF2 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v72.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 15:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 May 2021 20:34:47 GMT
server
sffe
age
238511
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15545
x-xss-protection
0
expires
Sat, 28 May 2022 15:51:42 GMT
B10224936.280232945;dc_ver=72.209;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875760;ord=lyt0fr;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fjalantikus.com...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 4CF2 		34 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=72.209;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875760;ord=lyt0fr;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fjalantikus.com%2F$0;xdt=1;crlt=prtIS'Gs)7;osda=2;sttr=14;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v72.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
f34b25718b86faa5494e26aa9a5a59ebfbe12d64f889ffdf5f2d6fe5eb61f4f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17228
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D960 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssyVSXJD5V-xFjw2yCpSQ3Z4SltO5SW3tL8ruKtbf06dnvapjTtOSmYn0kx2E4Xy9e0h2q6ND3Ip6Djg9ihk7pSQhFqjl2hp7d5HFuryKwEnOi&sai=AMfl-YTX6-FaNQ_0T6OIr67-lWRUs3puU5KTLB0ytpmVWhhrpV1GInzbN1VONYMYG7FC4zk5SYmtX3on0h-206Bm4AU98f3I8s4AY3BWWTEGk--kNEr9uq5hT7Lm6EU&sig=Cg0ArKJSzBDfh_M-pFPVEAE&cid=CAASEuRo97-lHt5blLBDgCoqQLFxLw&id=lidar2&mcvt=1000&p=935,245,1185,545&asp=935,245,1185,545&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2333532581&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622455612268&dlt=28&rpt=191&isd=0&lsd=0&msd=0&r=v&fum=1&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame 4CF2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=72.209;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875760;ord=lyt0fr;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fjalantikus.com%2F$0;xdt=1;crlt=prtIS'Gs)7;osda=2;sttr=14;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:04:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4CF2 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFFs0em8jQDhylHvTi88lIl2DND7ewfBildyPSUYs_ywL6KxfbWrc907XgmYiVCT6Soxs-ncTuAjpZUww4bPECLGN8XbEoZUSR6EmMKZjUWUz8_umar-nH9Y9JawHT9MQ5MNyNmuF1ze-OfvuzdQ&sig=Cg0ArKJSzGDqbomR1XTgEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210524.94093&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=72.209;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875760;ord=lyt0fr;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fjalantikus.com%2F$0;xdt=1;crlt=prtIS'Gs)7;osda=2;sttr=14;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame 4CF2 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=10224936&sid=2641434&plc=280232945&num=&adid=&advid=2276943&adsrv=1&btreg=315303753&btadsrv=doubleclick&crt=117630481&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=72.209;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875760;ord=lyt0fr;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fjalantikus.com%2F$0;xdt=1;crlt=prtIS'Gs)7;osda=2;sttr=14;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
584b0accadc79e1b7911494b1fa3200666a59fbff926a255428ecd90367f55b3

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 May 2021 19:20:43 GMT
Server
Microsoft-IIS/10.0
ETag
"80b738e28855d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3196
adc_HUN_EndHungerStory_300x250_static_Evergreen.jpg
s0.2mdn.net/2276943/ Frame 4CF2 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/2276943/adc_HUN_EndHungerStory_300x250_static_Evergreen.jpg
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5277325d5b271b5c4e2386adf6a74b7a9671a58c6c271053247ba01579776cac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 03:18:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2019 18:22:57 GMT
server
sffe
age
24486
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61905
x-xss-protection
0
expires
Tue, 01 Jun 2021 03:18:47 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FD2F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 30 May 2021 16:00:38 GMT
expires
Mon, 30 May 2022 16:00:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65175
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dv-omid.js
cdn.doubleverify.com/ Frame 4CF2 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-omid.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iG_SKmVBQwFRVZXa_lxeVe&DVP_DBM_1=3060631&DVP_DBM_2=11817069&DVP_DBM_3=32228565&DVP_DBM_4=322707014&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=53785174135&turl=https://jalantikus.com/apps/download/5566/20670/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2ccb0e5d42e6167ccc065c9ab67c61e72a34bba3df465c678ec8dbc5b957f241

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Apr 2021 11:53:50 GMT
Server
Microsoft-IIS/10.0
ETag
"01b62d2923ad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=69469
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6284
dv-measurements1389.js
cdn.doubleverify.com/ Frame B35A 		483 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1389.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0e12d567a48199de2089253e3b38d051475af46c0c215d6fb8b9726978d91944

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 10:12:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0d7a3b2604dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88500
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9CC6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 31 May 2021 06:38:34 GMT
expires
Tue, 01 Jun 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
12499
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4CF2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fff671abf26395814acb5d68e476c865e15548bb24e9e1b49543cc38560be2d3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 4CF2 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFFs0em8jQDhylHvTi88lIl2DND7ewfBildyPSUYs_ywL6KxfbWrc907XgmYiVCT6Soxs-ncTuAjpZUww4bPECLGN8XbEoZUSR6EmMKZjUWUz8_umar-nH9Y9JawHT9MQ5MNyNmuF1ze-OfvuzdQ&sig=Cg0ArKJSzGDqbomR1XTgEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=93&vt=11&dtpt=92&dett=2&cstd=0&cisv=r20210524.94093&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=72.209;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875760;ord=lyt0fr;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fjalantikus.com%2F$0;xdt=1;crlt=prtIS'Gs)7;osda=2;sttr=14;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012104130153000/ Frame 2977 		192 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842c872b3898f5b0e7d31292eebc5442195611e262f59bae3e7d5b63c507e00d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164972
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55414
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"806d9da51f0ab461"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 2977 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164974
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4561
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f7d3159bb96ed225"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 2977 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164974
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"025b1bcedb95d6d9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 2977 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164974
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"26e8fee94434f5d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 2977 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164973
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73bdf441b447cfc6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:20 GMT
css
fonts.googleapis.com/ Frame 2977 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 May 2021 09:22:15 GMT
server
ESF
date
Mon, 31 May 2021 10:06:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 May 2021 10:06:53 GMT
id_br.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2977 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id_br.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578f93ffa4f4bfabc4231039a273babd4049c7c385eb66c2998e4dd247c85076
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 07:34:10 GMT
x-content-type-options
nosniff
server
cafe
age
9163
etag
13139178976777033369
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3032
x-xss-protection
0
expires
Tue, 01 Jun 2021 07:34:10 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2977 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
2464
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 01 Jun 2021 09:25:49 GMT
truncated
/ Frame 2977 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b224e00ffd808c54cd772e8cada611e21717655492ab38ec4a6fa0a3c5f7af25

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 2977 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cls3xPbW0YLl5iO3fA8vDrMAEhML33GLhrqHl_gqm8YbjoAIQASDVx4toYOnkyYXYGqAB_9uKyAPIAQHgAgCoAwHIAwqqBP4BT9D9-DcJWFtBuJT63CV2BVs1o25v2lWHSC7KxthuImEDmc1FTqW_kpPO-BF0jHOvGTliAbciU-q5E64A0g4n-pbEbsXXfj4G7cXPu48onA7Wbhgb3rH-kTKyOE6j7WFMQdDmSuApriDeiAuxqpiwjXpjV3BBF10UcX9vuR7Xm05m74yW0y1-8A7iHcyW2Ui0MlaotU9YvNik74zfGsN_gNVJJjADOpredWWNi473qp0iTkJINEyOy1ob9GEjf3qeyyOwrI5GgGN9TTfcfNGbsORjAVxZShCatbaXxrxaINoHRspU7fNBaeQc4wvXxvztSMnLjzzt4RmqaILVgNPABO-c5dnEAuAEAZIFBAgEGAGSBQQIBRgEgAfe0oBBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEM75D9IICQiA4YAQEAEYHYAKA8gLAdgTDIgUA9AVAYAXAbIXGgoYCAASFHB1Yi01Mzk4OTg5NjgwODQxMjIx&sigh=mlem8hd7XAw
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dv-measurements1389.js
cdn.doubleverify.com/ Frame 5D2C 		483 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1389.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:49e::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0e12d567a48199de2089253e3b38d051475af46c0c215d6fb8b9726978d91944

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 10:12:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0d7a3b2604dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88500
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2977 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://jalantikus.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 01:31:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
376522
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Fri, 27 May 2022 01:31:31 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2977 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://jalantikus.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 01:32:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
376491
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 27 May 2022 01:32:02 GMT
visit.js
tps.doubleverify.com/ Frame B35A 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3B2%3D2%3FE%3A%3CFD%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3B2%3D2%3FE%3A%3CFD%5D4%40%3ETar9EEADTbpTauTau3bde2ga7g%60g3ea2chbb3bb4_c37a65c6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3B2%3D2%3FE%3A%3CFD%5D4%40%3ETau2AADTau5%40H%3F%3D%4025TauddeeTaua_ef_Tau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=497&ddur=10&uid=1622455613768236&jsCallback=dvCallback_1622455613768660&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1389&tgjsver=1389&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fb356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&dvp_epl=325&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://jalantikus.com/apps/download/5566/20670/&errorURL=https://tps.doubleverify.com/visit.jpg&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iG_SKmVBQwFRVZXa_lxeVe&DVP_DBM_1=3060631&DVP_DBM_2=11817069&DVP_DBM_3=32228565&DVP_DBM_4=322707014&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=53785174135&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=245252780.75811487&dvp_tukv=961343867.4443845&dvp_uuid=372859807835.42773&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=953208043360&dvp_vcms=32&dvp_slmsd=97&dvp_vcmsd=129
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
119777079cfcc07503b21a1829afcfc374704c9704649aee967191a58743d75c

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
5/30/2021 10:06:53 AM
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2977
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 May 2021 10:06:53 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame 5D2C 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3B2%3D2%3FE%3A%3CFD%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3B2%3D2%3FE%3A%3CFD%5D4%40%3ETar9EEADTbpTauTau3bde2ga7g%60g3ea2chbb3bb4_c37a65c6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3B2%3D2%3FE%3A%3CFD%5D4%40%3ETau2AADTau5%40H%3F%3D%4025TauddeeTaua_ef_Tau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=497&ddur=10&uid=1622455613827424&jsCallback=dvCallback_1622455613827745&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1389&tgjsver=1389&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fb356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&dvp_epl=325&noc=16&ctx=13311291&cmp=10224936&sid=2641434&plc=280232945&crt=117630481&btreg=315303753&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=245252780.75811487&dvp_tukv=21943951799.522522&dvp_uuid=17565901.6340214&dvp_tuid=896753021140&dvp_vcms=6&dvp_slmsd=113&dvp_vcmsd=119
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5fa6c2de6e51c36c11282fcdf8bc58c326710301a47cac9a3fc1b5c9582ebf9a

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:53 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
5/30/2021 10:06:53 AM
pixel
cm.g.doubleclick.net/ Frame 9CC6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP7aiFmZTsoTv7j9gb4M71M&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP7aiFmZTsoTv7j9gb4M71M&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Rkk1TWpJSGkxTE5FT1c1&google_gid=CAESEP7aiFmZTsoTv7j9gb4M71M&google_cver=1&google_push=AQvitUJXGTN3jW8tYG_m1b6xwdvzp4Kmdbh5O1a_Y8W82TS...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Rkk1TWpJSGkxTE5FT1c1&google_gid=CAESEP7aiFmZTsoTv7j9gb4M71M&google_cver=1&google_push=AQvitUJXGTN3jW8tYG_m1b6xwdvzp4Kmdbh5O1a_Y8W82TS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Rkk1TWpJSGkxTE5FT1c1&google_gid=CAESEP7aiFmZTsoTv7j9gb4M71M&google_cver=1&google_push=AQvitUJXGTN3jW8tYG_m1b6xwdvzp4Kmdbh5O1a_Y8W82TSXJA1BCwlAxgnR0AElusV5eSk-ivPmvXOgm_5J7ozvmQIxv84i9x8&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Rkk1TWpJSGkxTE5FT1c1&google_gid=CAESEP7aiFmZTsoTv7j9gb4M71M&google_cver=1&google_push=AQvitUJXGTN3jW8tYG_m1b6xwdvzp4Kmdbh5O1a_Y8W82TSXJA1BCwlAxgnR0AElusV5eSk-ivPmvXOgm_5J7ozvmQIxv84i9x8&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
477
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 9CC6 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAyVEhS38D1zV9cF06QbJAk&google_cver=1&google_push=AQvitULz46_QQ9W0glfNF5A_bKPa1zXmQ4yMYg0_DhG2Enmxfpb5au4jyVDdBP30bRF9RpwoZbnMv139Z7wxZZAWcSiwoYb_MwSx
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9CC6
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL46k35Kx0kd6ns7_EWQuL0&google_cver=1&google_push=AQvitUJ9g76cdxKTyydrsy_8M9yu4Qi6MIUKk80NaZRKXc4LDv0tBh9rMfajhv4V-xrsCT6xHNjztxncX_J...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJ9g76cdxKTyydrsy_8M9yu4Qi6MIUKk80NaZRKXc4LDv0tBh9rMfajhv4V-xrsCT6xHNjztxncX_JIaanDhhns2tGu5Irr&google_hm=cyyRo_LbS9qNO2m-1lgvOnQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJ9g76cdxKTyydrsy_8M9yu4Qi6MIUKk80NaZRKXc4LDv0tBh9rMfajhv4V-xrsCT6xHNjztxncX_JIaanDhhns2tGu5Irr&google_hm=cyyRo_LbS9qNO2m-1lgvOnQ
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJ9g76cdxKTyydrsy_8M9yu4Qi6MIUKk80NaZRKXc4LDv0tBh9rMfajhv4V-xrsCT6xHNjztxncX_JIaanDhhns2tGu5Irr&google_hm=cyyRo_LbS9qNO2m-1lgvOnQ
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9CC6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENiaRqO_9YvzbWuvoQKQlx4&google_cver=1&google_push=AQvitUJBcs8iAKFFHVekyp0Ct7tGoV8BqEvFysdHy0XXUu3DJmUP8ElBXQ2o00xZMcB9nlIxyl7bmJUI-rLN1B...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODM5Mzc5NzA2OTQzNzA3NQ%3D%3D&google_push=AQvitUJBcs8iAKFFHVekyp0Ct7tGoV8BqEvFysdHy0XXUu3DJmUP8ElBXQ2o00xZMcB9nlIxyl7bmJUI-rLN1BYRPw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODM5Mzc5NzA2OTQzNzA3NQ%3D%3D&google_push=AQvitUJBcs8iAKFFHVekyp0Ct7tGoV8BqEvFysdHy0XXUu3DJmUP8ElBXQ2o00xZMcB9nlIxyl7bmJUI-rLN1BYRPwRORcNui67O
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODM5Mzc5NzA2OTQzNzA3NQ%3D%3D&google_push=AQvitUJBcs8iAKFFHVekyp0Ct7tGoV8BqEvFysdHy0XXUu3DJmUP8ElBXQ2o00xZMcB9nlIxyl7bmJUI-rLN1BYRPwRORcNui67O
Date
Mon, 31 May 2021 10:06:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
google
d5p.de17a.com/cookies/ Frame 9CC6 		35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEIBrCbDGlIe8qxzdw4P-8pM&google_cver=1&google_push=AQvitUI-of9S4pR9Uh-5iT-_4TZc6OngQH4aVgR8kuegy9j-qfNC_8GCKASwJtklmz2IvYV7_HUpwwphbNybkDXqzT4rD1jWTX74
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.181 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-181.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 9CC6
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMuViPQLvfWWk8v8My9gFyc&google_cver=1&google_push=AQvitUK6aCi_p8ZHjfgDcnagwjg_repgD_IPLHf_aY8ouAhyw-_CSAz1aeqm_k9pRyUyzNsd3ddUhX...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUK6aCi_p8ZHjfgDcnagwjg_repgD_IPLHf_aY8ouAhyw-_CSAz1aeqm_k9pRyUyzNsd3ddUhXmHML7aJWk_8nqa3zOTd8o&google_hm=ODQxMzk0NDY...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUK6aCi_p8ZHjfgDcnagwjg_repgD_IPLHf_aY8ouAhyw-_CSAz1aeqm_k9pRyUyzNsd3ddUhXmHML7aJWk_8nqa3zOTd8o&google_hm=ODQxMzk0NDY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUK6aCi_p8ZHjfgDcnagwjg_repgD_IPLHf_aY8ouAhyw-_CSAz1aeqm_k9pRyUyzNsd3ddUhXmHML7aJWk_8nqa3zOTd8o&google_hm=ODQxMzk0NDYwMDY3OTk5NzA1NA%3D%3D&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUK6aCi_p8ZHjfgDcnagwjg_repgD_IPLHf_aY8ouAhyw-_CSAz1aeqm_k9pRyUyzNsd3ddUhXmHML7aJWk_8nqa3zOTd8o&google_hm=ODQxMzk0NDYwMDY3OTk5NzA1NA%3D%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
438
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9CC6
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOIAHRsMlON-i2px090rof4&google_cver=1&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80GS...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOIAHRsMlON-i2px090rof4&google_cver=1&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80GS...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOIAHRsMlON-i2px090rof4&google_cver=1&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOIAHRsMlON-i2px090rof4&google_cver=1&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlY2Q5MDNjYi1jMWY3LTExZWItYjI4Mi0wMjFiMzM2NTgyM2E%3D&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80GS7CGVvqbneb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlY2Q5MDNjYi1jMWY3LTExZWItYjI4Mi0wMjFiMzM2NTgyM2E%3D&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80GS7CGVvqbnebmOY2-mYgfv04cMSyX8CDcxPuGdSpn38D6_
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 31 May 2021 10:06:54 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlY2Q5MDNjYi1jMWY3LTExZWItYjI4Mi0wMjFiMzM2NTgyM2E%3D&google_push=AQvitUKm646QeAXQIEymgSLBgbTOEZP9QmZh-E_w5M-maKkGic-a80GS7CGVvqbnebmOY2-mYgfv04cMSyX8CDcxPuGdSpn38D6_
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9CC6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhW4vHpo3Lb7SRI-0ALp_y8YtIFhrVH-XwttLNQscH-Krvd-Uj3K97ckrrAo7kHElNhedmlg
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:53 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
pagead2.googlesyndication.com/bg/ Frame FD2F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 07:58:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
7686
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5755
x-xss-protection
0
expires
Tue, 31 May 2022 07:58:47 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D3FB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHI5Vd3bU1tyDFOX2pfH1k9iIYAsIoHmki3O0T969zKBhOalHc9QCZaBvFgSLvfVD6utJP5n5WOi7uAl3H2uPByYXKi5oxznX8TksRXu9_GmibhohhUeJC_0s4OQ&sai=AMfl-YQ1uCehdAWejTk04b6IfwnyQbP0eTEyS3tvxD8Usl_sHEQ-tctb-4vnqNmFNxTbDpUuQfvuPuXxTRdoRd1sR-gknA9r-I7Je-LspiXcoMzNXmobmxnqmXtHLrA&sig=Cg0ArKJSzBIurmTb7_yeEAE&cid=CAASF-RoAiT6ABTPl85amd_Yu7Y-NxbG-Gud&id=ampim&o=436,276&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=111&tls=1122&g=100&h=100&tt=1123&r=v&avms=ampa&adk=3781359460
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD2F 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxPV8PbW0YPXUHbPd7_UP08e1iAEAAAAAOAHgBAI&bg=!MzClMHTNAAaMan2LjGo7ACkAdvg8WvgoJlO82MrtRF9LTGt-ZSI95M8Z4ht22A4B5XrqypdXHyNBBgIAAACJUgAAABBoAQcKAOFHlr-Tarztdb6OeZ1EKcJiKZXWUx9R7PTxl0o2IqM2De-idqfSpvLQ9hfmdnxs57lWKzHsFrxlrhkMmpAgf_yhk-ru7VHn1xxkB3qRdMtXEbrRjpDYV4pL7QTdZYWroy3BKWiGX5yogH2s4lepl1dZQwmu6skiTKmQdUASLvOwHZehvTWmTNVmzBs09sUz7BQRyqmBA6o08ydPcPhSaI4DInRnp7B9fYHKVZaVEXrsrjycpwtNPSsX9H-vOT-uBluPm-U1uzti9iBUgRYRyFIDulimY0-j-2ZaIPZLqTT-PmWZAo-ZRdUk4E9Ao6cypJIfzxKLD3n-5z1IIwApcug6BFL4ghdKSQVClBGyajBRmJY1TRoTrjzUY-c1tqJw0so_uiLuAyaV-UYftj7pidgg-M7B9llAmBm-HDS-g8KHpw5cUjjVy843JiSyUYmx84RDv-UjHX2mhXrz6tCt2zVuo1eSzdGBknSlpnr2Yatdn7s9iaTQQ06EWs_JJL12SbOU4EeKsVR9hKocyhz-petmTwrB25Bv53aa7PNmfROGaOqOWJ2KgcqKAfcL2Ml7VHTernyxtgZjxn-lqR4r3wNHgcqypKo8J82EtYlburPIyW6KZ4V3ciYYp1XTJ4zwrNd6No1JSvXc-GJJOkriDnMnBNwHM6TUZ8cz1w0Dx6P9iOV_T21HGqquZ9kamzhLuOpaFiiCnb2dcFWvUkhKlCJdcndrW8ybgSnhB4qG7mlqu-_ytw6yVZenZXxUVYJQ6MHZ1exdfJq-IB4uOzp0bDeZXTQnGD8XSmyPczeGnaauZxC5f0fQt2WvU0YvFdQdI2zN8cPij7IGCgDfzmEEf9AZVPAVuqnFsjBkqq6J1rFIxpSf4HmB7Qk880zNSHSKVdPHD7-VLFrIjKguTP-6WL1G-_OZhRBdmB4kIm3EZZ9XhIFC2XVYgQJFj045U_hR01SLdaUhrSZEol4VPdZWlVtTpVYRHBsFy3w0Z1QBhKV6qlFgPRFv7j6tL0s9Bv6ArjwZX9hS3OlykQdKwHU1CDoUDDe6f8pTW5GfjQif6sfNJ20O2rcEcAtEBaSLG1Q1n0qbabt5jHwz4jS95VU3jGJLX0D-Tob6UvCOugSfN0kaRe8MjfRqkSrQbcsbPbV0nSopkIKlulSKJY1IOD6xcobcpN1Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 20A4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 31 May 2021 10:06:50 GMT
expires
Tue, 31 May 2022 10:06:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
4
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2677 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCnDRCp1DwYr4XqqwEwAQ&v=APEucNX0UDUltbAemswR0vfS-9PswORehBod_1psXjYJPrcry1Qv59cXMoJamj2o4STqqPb3Mo_prryFUaO6cDVh-cqHWVr8PG66LAeucSrQdemJQlehn0Mj6gaqxWR53SAxc3Blhzd4tho-K_u5eSOjR1JALK_RA92zpcfp8t-ya8MdHSkrdZ4
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNCnDRCp1DwYr4XqqwEwAQ&v=APEucNX0UDUltbAemswR0vfS-9PswORehBod_1psXjYJPrcry1Qv59cXMoJamj2o4STqqPb3Mo_prryFUaO6cDVh-cqHWVr8PG66LAeucSrQdemJQlehn0Mj6gaqxWR53SAxc3Blhzd4tho-K_u5eSOjR1JALK_RA92zpcfp8t-ya8MdHSkrdZ4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnMasKNfoHFTP06IJj-7stRMfvQ7ikqjMEHgxGeC0OtczaFKAEGtNQf3NKtQsI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 31 May 2021 10:06:54 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 20A4 		58 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPum4y26dkH2lLk5Sr9MZfIxC7v0T5hWgm0uQLlu7DrTqu_TeY5QU0Bgy5sn-ghbI8JKnCScboAzzConPfspNk7rL_13WY1KlI94yPhg1UlDeoIQMetNzF-vzUIyvX5msFArd-oofZFz21ZKTLLMGWKDpewQ&dbm_d=AKAmf-ABzgUZxemLFXFmywveZGgoK-09-Uhii_36clDri-RdaSjqdTQ2FMs3SHDHDVixmwe3rvc0kPtePUm9a1aeO7WHTsn2F2tatV2V6OK9hxRPkGxAVGVubQWFELRvjjT1Ss0MFInLybcdsxCpc28xHmEO7hjo75QH-hUA2YwegVOYv6G2WBcabWP7TYSQTBqgdlbiFOOedym_Xe-IM5rCWm4Sq3JUWy9PVoaxYVsQjUD5dUO3_kqRAPcx5KjbsfwKHYaTu3-dxT2L0bLWFA7gXd-uUo7S1-6TbaSjzj6J5C7C8MSiKkCLvVAL-m0bFerkbLsMNKIaza8_hQuXX3NWRqDNsQbZPR5Xqk31w9mtmVrCSCPxRn1bd79LHltQK0qBKJaqazP4k1NYklwGGMXYabFx2a00Oh8R4gf2KQL0WnS4_K-fCcnmUYJRIV2TYWbqyHoATYrUxDMJEn01j2qONO5rBaWJszCllJaUTC1OvhBxAhGbTRaioOJvtHDsVhAypMs-nc9lKfDMq2I_8AfCIBeS68zQxNUfuvLZiaYS4O0yO2Jjj9PKfk8rPSo5YFgNc3GhfRG-P2TBPNDGlFHrrdDdQOKXZZenyMPubn6Z-Jx5bdTA7oZqt2tGipyB-sMN0dp9F-yTOQoI3_BSCc1w_ABwN4YxWBDUmS9s_5JQf-By_QeTXuRCxW4HTxcUjwf4PNxJaWmi9VWgXdBuRfy9pbEHumu4s9U5O9eWcjrPGrAaosawS-pb8d-htu3ktmqdwVuX2DWVjZ4pic4PNHEtWH0YvzOt8xCBncasgpPH2juJeyI3m5oRtxjbgYAvOCWylGtOa1WrEqjhWyAyP2apqdp11nLckkqWB21HuqtwdkDZN_2vnCNb1MuUBsFcmB41ynVczlrGE_FLZuYEIO8v38_CFiOVxuDfLA70LaL64R7vJDqWJBhLGgsI3opOhapG1Bp6hVtsFBKmaPUaaGm0TMi7UzRU42H2ygqBmPVFYGv_Ttzfz1ZN7UPVDDn2yRgmz7ZZi8hnGwcLfJzmLrg5zrZmZqOX-NnkzazkCTRXC2Sxngj5hbm9D-apDsO-vnOYoGNPLuzFcMSbC1QXDbJxqA1KD8U6slLwW4Ca31v6Wu40XWlc-MqZFVFsbdIr9j9fDaep4zhHC-8yIG_0hl4YjvfybeAqVlumy2ZqYICSNnnD37M6IMzci1BMlqtyC_0LBUsUX5CnDxeZoyqud2r9G2pMvaqVm8rBOlK3F5HcMNRSiZElbwFfEUWatsWkjMe3001lbtbdiRioFf-66jdnbSEWo8pguWcyLwySWRLQD4XY_NfazrciVfyvK0Q7WV7vnl6I6YYz9IlmPWM7J9rM1DO7iBomH-nu_HFQbwhTGYqWY2UVZC1dGmRkpV3-nB3-DgVLY_2UtY_7VsiZaOiWMFBcKmH-m7yHjS7u7YPtnRXPUSo419lpI4RQwBdoumyJ2pCdbLjlhIHqC-UmExuwNUhwKt2tz7EmoAWCMtj_fXGgYX7DAKyagmv-p7kYXWOuEtHSRIcwz40gMPkcvwRFHmhoAkEmjfqG83i28EVEQlKKJQohfOdSR05Y2hmBqWm9c7rTSHak6dSfmzM2QtCz5aKwMTedlZvmJDPSskGfZDz3in-HucPWFei2nb6iYnOlXuujOP0prD-z0BUP3ItAJJhGtudDPDXBRIPAEwslNoeQB0wdCTy80VRJQr4b22Fm4hhvvOOdFiY6D1yn7kSXX02q9q6mc8a0ea0NSSgToqCrK0Bzki1U4XeoFOQB5UFHtCf-d231CherlwxKWkdaLHdx0bzxbu8oRO-RN_UtZlKmtvDNSmxwKwZSoKxtldSlItMBeCyBQUKbmId3-ur9Db76l8EKECLn1_uMN2Z6nkgJiSe-dgoU4ondXy0CNBzLT3QpFL6YdlHQN-q3Du-53q87SiJ8pGqhhl-S-GI3G-d0_nixu1WhqiB4FJN3ve4ZTbvXI8sFVUcxmmr2D-VbbC8Pv4n5vvKOcsIAtCV5O7JftN9XpIAzuE9fuON2E_KCKBdrdBsLpO0xBD5EuT9YELiYSdM_DYjEXiVpyLvE12WEV6gYElX17iuNYznryO86ZCihvzSV_gT4aEAPu9txL-ijIjaGHoHj1LY43txBKLf8emsOgPv_sfgY7wJWPlcts9yQZNrgc-Q5zpeeNV6_U3K8CgLHs1TdMecTV367LrufRpYuCtR5ooC-jfdA_j-1uTC7jOp7AWpdLCu9uXDCxOmk5o1VJ1gLuMzr05l2h7DBVfMQ1ACOm6d-sNiPfDt4wOcFYrplIMpZYkpEnF1858X5TRxAS9ICEVtW8o93zlO4a5h3zew6gqcLKz7WoFEe4v3Xtec29ESmZqIGk_Kh4jYElQqSvKAXnuCPoMjgRLq58ZRz14lymnpYXE2JX1-v9VVNKMXRL1gKHPuWvogfczeqSkU6QhpVy8LSz2AVi7jlCW7h4ZBkoGySlY_LG-zdc5c5N7QlBMlHufVDeOio5HotmcLIkedGK9Js4zOfMIEYUvCIdNw19N1BPDdx9UPRyDY7rMGDKDLVqocAGjwGw4k2eiHbNfUAD8wTX_8S52xLrSTT_py4KlI6QkUUj4eeUXG8orIj2Cd78Eq-6-30yTEs_Y9Y_1H3p3xZj2bgLbvDG2yzT8UO4gjN8vDixwEv0UhW5B5TqiwZoAGUTOXfAQMZUimpoJrycyD_w4GMYOMo0SJIySg_iFXCrW82QqrsNTjFKmNFBjMJNRX3oLwQIH76QfM7HcudfxwnvROAvbyAKmMSyNie0iPkhvepY30Nn3rZnhFIKhamO0wDsorTb0HcMeQgVg_GAQ8qEeKV_rJFRHZ1IiicgmU72z3TKlW5RdpLQD2cNL4x8pShIFjDdycq0CUV83b93EmpayWjmuxQeXEyPDUbV6rmrUEmmoalt2GLsms6K_IZ8tqH7aTxI1SvXj279OTqdbeZDqq39vRV57V96U3oOmHCVbh8QxiGA5VlgTS2&cid=CAASEuRopoBvnnfu3J7L5HiTpQH8MA&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea5682442991ac1c7cee7ead5f6fd2c4e283bd8488d608d2edd8999f83d16436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23925
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20A4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BiJXXDDaDht8GaRcQunXzLd1EsUUmwM2Ub45Lzuc5DIairdbIVloJRr-XcLMuoM3IAVvXRz_ndCNj0ttwbbTTPWwtmfpaD7ZNOPOrHmuS2gQaSr0k
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 20A4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:05:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 20A4 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 10:06:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 20A4 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 09:58:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
520
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 09:58:14 GMT
rum
dsum-sec.casalemedia.com/ Frame 2677
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR7ciRBSwohSbJQZgkDh5M&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR7ciRBSwohSbJQZgkDh5M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCnDRCp1DwYr4XqqwEwAQ&v=APEucNX0UDUltbAemswR0vfS-9PswORehBod_1psXjYJPrcry1Qv59cXMoJamj2o4STqqPb3Mo_prryFUaO6cDVh-cqHWVr8PG66LAeucSrQdemJQlehn0Mj6gaqxWR53SAxc3Blhzd4tho-K_u5eSOjR1JALK_RA92zpcfp8t-ya8MdHSkrdZ4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 May 2021 10:06:54 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR7ciRBSwohSbJQZgkDh5M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2677
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLS1PiTCvhLrCmMPn1zpYgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR7ciRBSwohSbJQZgkDh5M&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR7ciRBSwohSbJQZgkDh5M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCnDRCp1DwYr4XqqwEwAQ&v=APEucNX0UDUltbAemswR0vfS-9PswORehBod_1psXjYJPrcry1Qv59cXMoJamj2o4STqqPb3Mo_prryFUaO6cDVh-cqHWVr8PG66LAeucSrQdemJQlehn0Mj6gaqxWR53SAxc3Blhzd4tho-K_u5eSOjR1JALK_RA92zpcfp8t-ya8MdHSkrdZ4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 May 2021 10:06:54 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR7ciRBSwohSbJQZgkDh5M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2677
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMJNSaDa6C14SwkAZyEi2AE&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMJNSaDa6C14SwkAZyEi2AE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCnDRCp1DwYr4XqqwEwAQ&v=APEucNX0UDUltbAemswR0vfS-9PswORehBod_1psXjYJPrcry1Qv59cXMoJamj2o4STqqPb3Mo_prryFUaO6cDVh-cqHWVr8PG66LAeucSrQdemJQlehn0Mj6gaqxWR53SAxc3Blhzd4tho-K_u5eSOjR1JALK_RA92zpcfp8t-ya8MdHSkrdZ4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:54 GMT
X-Proxy-Origin
37.120.211.116; 37.120.211.116; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.147:80
AN-X-Request-Uuid
a188418d-7bde-4fc9-8ade-70fbc3d3595f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMJNSaDa6C14SwkAZyEi2AE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2677
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxNDk0MDM4MTUzNzY3NTMzNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxNDk0MDM4MTUzNzY3NTMzNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCnDRCp1DwYr4XqqwEwAQ&v=APEucNX0UDUltbAemswR0vfS-9PswORehBod_1psXjYJPrcry1Qv59cXMoJamj2o4STqqPb3Mo_prryFUaO6cDVh-cqHWVr8PG66LAeucSrQdemJQlehn0Mj6gaqxWR53SAxc3Blhzd4tho-K_u5eSOjR1JALK_RA92zpcfp8t-ya8MdHSkrdZ4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:54 GMT
X-Proxy-Origin
37.120.211.116; 37.120.211.116; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid
5df41c0e-4d71-4d1c-9504-83bef97994f6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxNDk0MDM4MTUzNzY3NTMzNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 20A4 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65523
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 May 2021 15:54:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame 20A4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPum4y26dkH2lLk5Sr9MZfIxC7v0T5hWgm0uQLlu7DrTqu_TeY5QU0Bgy5sn-ghbI8JKnCScboAzzConPfspNk7rL_13WY1KlI94yPhg1UlDeoIQMetNzF-vzUIyvX5msFArd-oofZFz21ZKTLLMGWKDpewQ&dbm_d=AKAmf-ABzgUZxemLFXFmywveZGgoK-09-Uhii_36clDri-RdaSjqdTQ2FMs3SHDHDVixmwe3rvc0kPtePUm9a1aeO7WHTsn2F2tatV2V6OK9hxRPkGxAVGVubQWFELRvjjT1Ss0MFInLybcdsxCpc28xHmEO7hjo75QH-hUA2YwegVOYv6G2WBcabWP7TYSQTBqgdlbiFOOedym_Xe-IM5rCWm4Sq3JUWy9PVoaxYVsQjUD5dUO3_kqRAPcx5KjbsfwKHYaTu3-dxT2L0bLWFA7gXd-uUo7S1-6TbaSjzj6J5C7C8MSiKkCLvVAL-m0bFerkbLsMNKIaza8_hQuXX3NWRqDNsQbZPR5Xqk31w9mtmVrCSCPxRn1bd79LHltQK0qBKJaqazP4k1NYklwGGMXYabFx2a00Oh8R4gf2KQL0WnS4_K-fCcnmUYJRIV2TYWbqyHoATYrUxDMJEn01j2qONO5rBaWJszCllJaUTC1OvhBxAhGbTRaioOJvtHDsVhAypMs-nc9lKfDMq2I_8AfCIBeS68zQxNUfuvLZiaYS4O0yO2Jjj9PKfk8rPSo5YFgNc3GhfRG-P2TBPNDGlFHrrdDdQOKXZZenyMPubn6Z-Jx5bdTA7oZqt2tGipyB-sMN0dp9F-yTOQoI3_BSCc1w_ABwN4YxWBDUmS9s_5JQf-By_QeTXuRCxW4HTxcUjwf4PNxJaWmi9VWgXdBuRfy9pbEHumu4s9U5O9eWcjrPGrAaosawS-pb8d-htu3ktmqdwVuX2DWVjZ4pic4PNHEtWH0YvzOt8xCBncasgpPH2juJeyI3m5oRtxjbgYAvOCWylGtOa1WrEqjhWyAyP2apqdp11nLckkqWB21HuqtwdkDZN_2vnCNb1MuUBsFcmB41ynVczlrGE_FLZuYEIO8v38_CFiOVxuDfLA70LaL64R7vJDqWJBhLGgsI3opOhapG1Bp6hVtsFBKmaPUaaGm0TMi7UzRU42H2ygqBmPVFYGv_Ttzfz1ZN7UPVDDn2yRgmz7ZZi8hnGwcLfJzmLrg5zrZmZqOX-NnkzazkCTRXC2Sxngj5hbm9D-apDsO-vnOYoGNPLuzFcMSbC1QXDbJxqA1KD8U6slLwW4Ca31v6Wu40XWlc-MqZFVFsbdIr9j9fDaep4zhHC-8yIG_0hl4YjvfybeAqVlumy2ZqYICSNnnD37M6IMzci1BMlqtyC_0LBUsUX5CnDxeZoyqud2r9G2pMvaqVm8rBOlK3F5HcMNRSiZElbwFfEUWatsWkjMe3001lbtbdiRioFf-66jdnbSEWo8pguWcyLwySWRLQD4XY_NfazrciVfyvK0Q7WV7vnl6I6YYz9IlmPWM7J9rM1DO7iBomH-nu_HFQbwhTGYqWY2UVZC1dGmRkpV3-nB3-DgVLY_2UtY_7VsiZaOiWMFBcKmH-m7yHjS7u7YPtnRXPUSo419lpI4RQwBdoumyJ2pCdbLjlhIHqC-UmExuwNUhwKt2tz7EmoAWCMtj_fXGgYX7DAKyagmv-p7kYXWOuEtHSRIcwz40gMPkcvwRFHmhoAkEmjfqG83i28EVEQlKKJQohfOdSR05Y2hmBqWm9c7rTSHak6dSfmzM2QtCz5aKwMTedlZvmJDPSskGfZDz3in-HucPWFei2nb6iYnOlXuujOP0prD-z0BUP3ItAJJhGtudDPDXBRIPAEwslNoeQB0wdCTy80VRJQr4b22Fm4hhvvOOdFiY6D1yn7kSXX02q9q6mc8a0ea0NSSgToqCrK0Bzki1U4XeoFOQB5UFHtCf-d231CherlwxKWkdaLHdx0bzxbu8oRO-RN_UtZlKmtvDNSmxwKwZSoKxtldSlItMBeCyBQUKbmId3-ur9Db76l8EKECLn1_uMN2Z6nkgJiSe-dgoU4ondXy0CNBzLT3QpFL6YdlHQN-q3Du-53q87SiJ8pGqhhl-S-GI3G-d0_nixu1WhqiB4FJN3ve4ZTbvXI8sFVUcxmmr2D-VbbC8Pv4n5vvKOcsIAtCV5O7JftN9XpIAzuE9fuON2E_KCKBdrdBsLpO0xBD5EuT9YELiYSdM_DYjEXiVpyLvE12WEV6gYElX17iuNYznryO86ZCihvzSV_gT4aEAPu9txL-ijIjaGHoHj1LY43txBKLf8emsOgPv_sfgY7wJWPlcts9yQZNrgc-Q5zpeeNV6_U3K8CgLHs1TdMecTV367LrufRpYuCtR5ooC-jfdA_j-1uTC7jOp7AWpdLCu9uXDCxOmk5o1VJ1gLuMzr05l2h7DBVfMQ1ACOm6d-sNiPfDt4wOcFYrplIMpZYkpEnF1858X5TRxAS9ICEVtW8o93zlO4a5h3zew6gqcLKz7WoFEe4v3Xtec29ESmZqIGk_Kh4jYElQqSvKAXnuCPoMjgRLq58ZRz14lymnpYXE2JX1-v9VVNKMXRL1gKHPuWvogfczeqSkU6QhpVy8LSz2AVi7jlCW7h4ZBkoGySlY_LG-zdc5c5N7QlBMlHufVDeOio5HotmcLIkedGK9Js4zOfMIEYUvCIdNw19N1BPDdx9UPRyDY7rMGDKDLVqocAGjwGw4k2eiHbNfUAD8wTX_8S52xLrSTT_py4KlI6QkUUj4eeUXG8orIj2Cd78Eq-6-30yTEs_Y9Y_1H3p3xZj2bgLbvDG2yzT8UO4gjN8vDixwEv0UhW5B5TqiwZoAGUTOXfAQMZUimpoJrycyD_w4GMYOMo0SJIySg_iFXCrW82QqrsNTjFKmNFBjMJNRX3oLwQIH76QfM7HcudfxwnvROAvbyAKmMSyNie0iPkhvepY30Nn3rZnhFIKhamO0wDsorTb0HcMeQgVg_GAQ8qEeKV_rJFRHZ1IiicgmU72z3TKlW5RdpLQD2cNL4x8pShIFjDdycq0CUV83b93EmpayWjmuxQeXEyPDUbV6rmrUEmmoalt2GLsms6K_IZ8tqH7aTxI1SvXj279OTqdbeZDqq39vRV57V96U3oOmHCVbh8QxiGA5VlgTS2&cid=CAASEuRopoBvnnfu3J7L5HiTpQH8MA&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:04:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 20A4 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPum4y26dkH2lLk5Sr9MZfIxC7v0T5hWgm0uQLlu7DrTqu_TeY5QU0Bgy5sn-ghbI8JKnCScboAzzConPfspNk7rL_13WY1KlI94yPhg1UlDeoIQMetNzF-vzUIyvX5msFArd-oofZFz21ZKTLLMGWKDpewQ&dbm_d=AKAmf-ABzgUZxemLFXFmywveZGgoK-09-Uhii_36clDri-RdaSjqdTQ2FMs3SHDHDVixmwe3rvc0kPtePUm9a1aeO7WHTsn2F2tatV2V6OK9hxRPkGxAVGVubQWFELRvjjT1Ss0MFInLybcdsxCpc28xHmEO7hjo75QH-hUA2YwegVOYv6G2WBcabWP7TYSQTBqgdlbiFOOedym_Xe-IM5rCWm4Sq3JUWy9PVoaxYVsQjUD5dUO3_kqRAPcx5KjbsfwKHYaTu3-dxT2L0bLWFA7gXd-uUo7S1-6TbaSjzj6J5C7C8MSiKkCLvVAL-m0bFerkbLsMNKIaza8_hQuXX3NWRqDNsQbZPR5Xqk31w9mtmVrCSCPxRn1bd79LHltQK0qBKJaqazP4k1NYklwGGMXYabFx2a00Oh8R4gf2KQL0WnS4_K-fCcnmUYJRIV2TYWbqyHoATYrUxDMJEn01j2qONO5rBaWJszCllJaUTC1OvhBxAhGbTRaioOJvtHDsVhAypMs-nc9lKfDMq2I_8AfCIBeS68zQxNUfuvLZiaYS4O0yO2Jjj9PKfk8rPSo5YFgNc3GhfRG-P2TBPNDGlFHrrdDdQOKXZZenyMPubn6Z-Jx5bdTA7oZqt2tGipyB-sMN0dp9F-yTOQoI3_BSCc1w_ABwN4YxWBDUmS9s_5JQf-By_QeTXuRCxW4HTxcUjwf4PNxJaWmi9VWgXdBuRfy9pbEHumu4s9U5O9eWcjrPGrAaosawS-pb8d-htu3ktmqdwVuX2DWVjZ4pic4PNHEtWH0YvzOt8xCBncasgpPH2juJeyI3m5oRtxjbgYAvOCWylGtOa1WrEqjhWyAyP2apqdp11nLckkqWB21HuqtwdkDZN_2vnCNb1MuUBsFcmB41ynVczlrGE_FLZuYEIO8v38_CFiOVxuDfLA70LaL64R7vJDqWJBhLGgsI3opOhapG1Bp6hVtsFBKmaPUaaGm0TMi7UzRU42H2ygqBmPVFYGv_Ttzfz1ZN7UPVDDn2yRgmz7ZZi8hnGwcLfJzmLrg5zrZmZqOX-NnkzazkCTRXC2Sxngj5hbm9D-apDsO-vnOYoGNPLuzFcMSbC1QXDbJxqA1KD8U6slLwW4Ca31v6Wu40XWlc-MqZFVFsbdIr9j9fDaep4zhHC-8yIG_0hl4YjvfybeAqVlumy2ZqYICSNnnD37M6IMzci1BMlqtyC_0LBUsUX5CnDxeZoyqud2r9G2pMvaqVm8rBOlK3F5HcMNRSiZElbwFfEUWatsWkjMe3001lbtbdiRioFf-66jdnbSEWo8pguWcyLwySWRLQD4XY_NfazrciVfyvK0Q7WV7vnl6I6YYz9IlmPWM7J9rM1DO7iBomH-nu_HFQbwhTGYqWY2UVZC1dGmRkpV3-nB3-DgVLY_2UtY_7VsiZaOiWMFBcKmH-m7yHjS7u7YPtnRXPUSo419lpI4RQwBdoumyJ2pCdbLjlhIHqC-UmExuwNUhwKt2tz7EmoAWCMtj_fXGgYX7DAKyagmv-p7kYXWOuEtHSRIcwz40gMPkcvwRFHmhoAkEmjfqG83i28EVEQlKKJQohfOdSR05Y2hmBqWm9c7rTSHak6dSfmzM2QtCz5aKwMTedlZvmJDPSskGfZDz3in-HucPWFei2nb6iYnOlXuujOP0prD-z0BUP3ItAJJhGtudDPDXBRIPAEwslNoeQB0wdCTy80VRJQr4b22Fm4hhvvOOdFiY6D1yn7kSXX02q9q6mc8a0ea0NSSgToqCrK0Bzki1U4XeoFOQB5UFHtCf-d231CherlwxKWkdaLHdx0bzxbu8oRO-RN_UtZlKmtvDNSmxwKwZSoKxtldSlItMBeCyBQUKbmId3-ur9Db76l8EKECLn1_uMN2Z6nkgJiSe-dgoU4ondXy0CNBzLT3QpFL6YdlHQN-q3Du-53q87SiJ8pGqhhl-S-GI3G-d0_nixu1WhqiB4FJN3ve4ZTbvXI8sFVUcxmmr2D-VbbC8Pv4n5vvKOcsIAtCV5O7JftN9XpIAzuE9fuON2E_KCKBdrdBsLpO0xBD5EuT9YELiYSdM_DYjEXiVpyLvE12WEV6gYElX17iuNYznryO86ZCihvzSV_gT4aEAPu9txL-ijIjaGHoHj1LY43txBKLf8emsOgPv_sfgY7wJWPlcts9yQZNrgc-Q5zpeeNV6_U3K8CgLHs1TdMecTV367LrufRpYuCtR5ooC-jfdA_j-1uTC7jOp7AWpdLCu9uXDCxOmk5o1VJ1gLuMzr05l2h7DBVfMQ1ACOm6d-sNiPfDt4wOcFYrplIMpZYkpEnF1858X5TRxAS9ICEVtW8o93zlO4a5h3zew6gqcLKz7WoFEe4v3Xtec29ESmZqIGk_Kh4jYElQqSvKAXnuCPoMjgRLq58ZRz14lymnpYXE2JX1-v9VVNKMXRL1gKHPuWvogfczeqSkU6QhpVy8LSz2AVi7jlCW7h4ZBkoGySlY_LG-zdc5c5N7QlBMlHufVDeOio5HotmcLIkedGK9Js4zOfMIEYUvCIdNw19N1BPDdx9UPRyDY7rMGDKDLVqocAGjwGw4k2eiHbNfUAD8wTX_8S52xLrSTT_py4KlI6QkUUj4eeUXG8orIj2Cd78Eq-6-30yTEs_Y9Y_1H3p3xZj2bgLbvDG2yzT8UO4gjN8vDixwEv0UhW5B5TqiwZoAGUTOXfAQMZUimpoJrycyD_w4GMYOMo0SJIySg_iFXCrW82QqrsNTjFKmNFBjMJNRX3oLwQIH76QfM7HcudfxwnvROAvbyAKmMSyNie0iPkhvepY30Nn3rZnhFIKhamO0wDsorTb0HcMeQgVg_GAQ8qEeKV_rJFRHZ1IiicgmU72z3TKlW5RdpLQD2cNL4x8pShIFjDdycq0CUV83b93EmpayWjmuxQeXEyPDUbV6rmrUEmmoalt2GLsms6K_IZ8tqH7aTxI1SvXj279OTqdbeZDqq39vRV57V96U3oOmHCVbh8QxiGA5VlgTS2&cid=CAASEuRopoBvnnfu3J7L5HiTpQH8MA&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8609
x-xss-protection
0
server
cafe
etag
7365582700020686358
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:03:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 20A4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65176
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 16:00:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 88EA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 31 May 2021 06:38:34 GMT
expires
Tue, 01 Jun 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
12500
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 20A4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5588d0f27de7004c7f4e7bad4481bd85df636b37fb225b9c11f108740162a87a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/5418521/1622220318416/300x250/ Frame FCBC 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0480ae8ef362c162397af1420e9ecba06e148d821c5faa43074af26dc4aa97d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/5418521/1622220318416/300x250/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1391
date
Sun, 30 May 2021 17:59:54 GMT
expires
Mon, 31 May 2021 17:59:54 GMT
last-modified
Fri, 28 May 2021 16:45:18 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
58020
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 20A4 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbQOw4tggZSbEAgBD0jyTGyzPLfjylus6y-riL-PhvgbQ8xhVcdjuGpwrfl2VoIH_373SpUHfJp9kbFyiEaSNb68P1zpVv-dCZhqgLE4FEXVwfBd0t7gwxlmFgIqHFqgbeQl1CajLybXWE6KqtShnzSWFoP9YrcmfyfQzTCNLKEetOF3g46IIOI8qMsQDR7N0BPw1BkRlJ7_xOU9PzCtf_M9jhJvUTXcu1do8yTwFKvASweGYUGl7elgY222RwAB3ebkZS0UeFJtmhY4R9C8TUU5T1t0e9iWqhfM4WtZzyqLwHWmr4sK_ROaJEoOyR_y7j-xcIvud0AXY2NiXo1Pq5F3T-7IIgvE-vEegzcUJRGPupCK_7P8Y5hDfRN-pNP3r1WvLDtkWiUns3AogG8JnDPF00Ko_mkJnHrCTUFuJrrsgWaTyAIHbftDkvetdfntU59tVFAn9EgzdhQS27xcwbECbyTqLxzp52yg7TfC5bGHs8HzyK2xvBxQ0YlmC8ioNKe2-eJoqFXZZBPZlogo05egt4FRA3wI_jUF5WrcBI7u6Br3r312CSsuNf4OJJsOS7Bi7AAajbYKTLYvoqRYKVg6FQQnO_tg-5JkpJ7O03nWplF2eLFY0ogq6M25gABHILAdkPw-vFyG_Jkn40m5dJfNVWQ3ywyC-z9whqSojrMYEZjFfxJivUSWph57318YeBMiwA-Sv2Y_Z8lZQJdyiut5vdrT_D41Mv_F7-dS2uxcx7mAFj-mL1IyD5ZBtn2mWbAe9CRsvkI29gY_WKPPzrGnjhBaqZsoXgr9mYem1g1miDiWKGa-a6-YL23ZOkcjXvpLq47fovDTyxFc0VG1j0Ei8Rve1MlVgoIvFURFLolJAT4XYXgCQ-N6ZLZ8eXOo86HZZNq-fdiKwPA6TMZLOoc4jM1nieaB_KAxjtGyRZbx9XZBNWyuMjugdVUMgZuwptubSoVGatNaUPPMfnD3pJTFtOhvT8IrUJcuI0abWoo2KbfaUjRcfD7V_r_yq5ZaXRD9dxa5hMpR4hQGqHeVLN0yvXwvAROjA5DXhMC-lo597DKAmb-i1unYmcU7uRMZAawTrmXb1kqvnkwYeUTb5wK503JOw8xumncRYnmu8_VJyZ459u24Wy4AX8RxBxzi2Zfylv_DLar3Q1QgmQ7u-jrz2go_hdJfa1gRIxwUMFwxB_B4QmeLcBpq3DUIevlmoLAHIZ_B7__9oh5MRx4LtxUnlWzVJ4Kuf30ODxxyzYZ_ZJ4wu9&sai=AMfl-YRLwHxPYF5hZJJuUAtI_u915g85q_I-8R_CWm6qhM6cEsVmj0G5CXFVuog4GnEJX7y-aSyMy_HNuOruk9d5du1k-WlhAtxVsc86SJXmv9Mt5mDhR9qu-fyIaO7MuWIvjkDwrrdhRIwx0KYUI198gbQKE99QaPwBFXiEcTIWP0dizPEQqukk&sig=Cg0ArKJSzEqnEsJyIHG9EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=56&cbvp=1&cstd=55&cisv=r20210524.55978&adurl=
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 31 May 2021 10:06:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img;adv=11032225182825;ec=11032225195996;adv.a=5418521;c.a=25886095;s.a=2552425;p.a=305010793;a.a=497745750;cache=406367268;
ad.atdmt.com/i/ Frame 20A4 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.atdmt.com/i/img;adv=11032225182825;ec=11032225195996;adv.a=5418521;c.a=25886095;s.a=2552425;p.a=305010793;a.a=497745750;cache=406367268;
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
QvF+md0zLJgxy4fK9/0iV9Ho+2HeB1dQnc5rZvcRGV8a5kkucONdP4HGtIkT7CQC9yjwY/JA26f19veML48FrA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Mon, 31 May 2021 10:06:55 GMT
vary
Accept-Encoding
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/gif
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7F9F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 30 May 2021 16:00:38 GMT
expires
Mon, 30 May 2022 16:00:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65176
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cm
a.rfihub.com/ Frame 88EA
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEPNzOKxc8T7sHfyarvuVDvg&google_cver=1&google_push=AQvitUI1wEOFIfS-lnlhXesybky-ySDPwXKgbcWiKeeIl1X7HUZRu0Dw2ovhPBt_NJnE1kvsJot9-Bq_q0QH6W-eIloHxWa...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUI1wEOFIfS-lnlhXesybky-ySDPwXKgbcWiKeeIl1X7HUZRu0Dw2ovhPBt_NJnE1kvsJot9-Bq_q0QH6W-eIloHxWaCh6M&google_hm=Njg1NDk4ODA3...
  • https://a.rfihub.com/cm?pub=445&google_error=5
42 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&google_error=5
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:55 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 88EA 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHPK09Dhz0J19iFZkR57oqs&google_cver=1&google_push=AQvitUJ-p_l1q0rH2-tbfPpYG7N8K5mkybY0y5xmr81RhKcV8SMHrF0XpSRSJowWu5yv7qLyuX89Fi5VhL4gG2tr3wSDFXZgrKc
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 88EA
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAGLTuGogrIof-a7WAY9gLg&google_cver=1&google_push=AQvitULFFs9Vmm90Lxz1XL4IaHBnZessPnu2WxUladQE5xvIkFxTe0xxgMHybDJloOZXfGq4ekQL7nZBxVf...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULFFs9Vmm90Lxz1XL4IaHBnZessPnu2WxUladQE5xvIkFxTe0xxgMHybDJloOZXfGq4ekQL7nZBxVf1x3VarrIWaW0IuQ&google_hm=Htd6Uv3XR3GrLkczGc34uHQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULFFs9Vmm90Lxz1XL4IaHBnZessPnu2WxUladQE5xvIkFxTe0xxgMHybDJloOZXfGq4ekQL7nZBxVf1x3VarrIWaW0IuQ&google_hm=Htd6Uv3XR3GrLkczGc34uHQ
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULFFs9Vmm90Lxz1XL4IaHBnZessPnu2WxUladQE5xvIkFxTe0xxgMHybDJloOZXfGq4ekQL7nZBxVf1x3VarrIWaW0IuQ&google_hm=Htd6Uv3XR3GrLkczGc34uHQ
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 88EA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBR_P61oE3MKNmWWLy169fE&google_cver=1&google_push=AQvitUK0fCwx9p_h-R5r8NOaKB6KTzstG-1SqKScWa9IEnC0q5MxsiLeFD5TrV74qvVMGcZqcR9983EPg9pRWAUy3bOizr4...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUK0fCwx9p_h-R5r8NOaKB6KTzstG-1SqKScWa9IEnC0q5MxsiLeFD5TrV74qvVMGcZqcR9983EPg9pRWAUy3bOizr4sU1s&google_hm=NTAyNzUxNzkyNjI5OTQ0Mzk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUK0fCwx9p_h-R5r8NOaKB6KTzstG-1SqKScWa9IEnC0q5MxsiLeFD5TrV74qvVMGcZqcR9983EPg9pRWAUy3bOizr4sU1s&google_hm=NTAyNzUxNzkyNjI5OTQ0Mzk4Nw%3D%3D
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 31 May 2021 10:06:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUK0fCwx9p_h-R5r8NOaKB6KTzstG-1SqKScWa9IEnC0q5MxsiLeFD5TrV74qvVMGcZqcR9983EPg9pRWAUy3bOizr4sU1s&google_hm=NTAyNzUxNzkyNjI5OTQ0Mzk4Nw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 88EA 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEEqgyOqLD0UI7OQrEYVq80g&google_cver=1&google_push=AQvitUK53BcaWA34RcvAfxHm8v7-6EcZvVGxJWr_Gfv4RIfCs3UKYjL1qX1xgFdDl4GCeNJ2W0P8DpIJl5i9CXKAoBbUo3dnvg
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 01 Jun 2021 10:06:54 GMT
google
d5p.de17a.com/cookies/ Frame 88EA 		35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEH0SEbGnJbrLTUEcU7XR_p0&google_cver=1&google_push=AQvitULnJfNs9BgO0dxOaeNJ0JcCA5zSIiey0Ngu7d1FS5fx12NTsSuoicTX_67aYfYSardy_4Xwgja_b7yR63vlIb-E5OglL-k
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.181 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-181.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dot.gif
s0.2mdn.net/ Frame 88EA 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEKxOBkwXlEDghkoKj0umyxc&google_cver=1&google_push=AQvitUJqBYVlPJScYvDPiqIh8SjM3aD4qJ-Wxvn3aJfDFnCw3zlvqb2PFFKn5ysi8ZRJ-WwK4O3U-saIgrT4qEairFeNPvhzHOPJ
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 01 Jun 2021 10:06:54 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 88EA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmORXMFnHBmvvYa34H5tYBDp7nCZyBb-MHYONmJKUHw8u8GCIhakO46OqZLNonadRNNqJ5tg
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:54 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
anime.min.js
s0.2mdn.net/5418521/1622220318416/300x250/ Frame FCBC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/anime.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58016
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6975
x-xss-protection
0
last-modified
Fri, 28 May 2021 16:45:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 31 May 2021 17:59:58 GMT
animation.js
s0.2mdn.net/5418521/1622220318416/300x250/ Frame FCBC 		3 KB
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfbdf8136c415402793f4dec9ed0776197536e92b710b49989e1655bf34c9c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58016
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
578
x-xss-protection
0
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 31 May 2021 17:59:58 GMT
style.css
s0.2mdn.net/5418521/1622220318416/300x250/ Frame FCBC 		1002 B
417 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6fe4b47de602589e4fbb5ab2ad6ee79456e6eb231a500f2bcb86a197a79ddff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58016
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
393
x-xss-protection
0
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 31 May 2021 17:59:58 GMT
txt_cta.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/txt_cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac952c264716f6b2b5dd7cbd4d34338f919ce25ce13d0d8f333170a3d9b561cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2248
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame 7F9F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 06:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
100460
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Mon, 30 May 2022 06:12:34 GMT
bg.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/bg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2441c6fb8780a9815d6e5e5285f4e55da5d268147c89faa03cccbcd5d06383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7836
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
flagi.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/flagi.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc2431ed3e0756ba3e45e68cdecdd2073884c85a85e7d7d3266d902f00a5d6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:19 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2501
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
pasek.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/pasek.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2eeea6b5f6092c8880bc657c2dae0b669e388f19f68c3933ab676b2c7f0dd49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1232
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
disclaimer_1.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		580 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/disclaimer_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16e79822d3a9f8a8f6829413d4672987d2036731689971dbc266e4b278c033b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
disclaimer_2.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		833 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/disclaimer_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3db61a78b19859f1a85bc75b6d83c4e9f3dd105b11dd87cf38e9332d7df3a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:19 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
833
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
cena_1.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/cena_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb52dbd4ff9bd9619f968c33f132742c55aa2b5b72246d3bd44012f1dccb2bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:19 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1779
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
discount_1.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/discount_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cd9267b8696b28c580df153b5cfd23f4166c2ace32afcd46755e1c097102cbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2449
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
price_1.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/price_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b57dc107cef3e947edac40bf6752135ad3afc772189d7c97d3f09c539768848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1781
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
cena_2.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		177 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/cena_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a75278ede993e8d1b196d2ccb896191b4e2ece3487fa1e28043a374506646ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
177
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
discount_2.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/discount_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fed598975a2a336fc6b82f1a97f994c3eb828e2d644b31dba53f7ec581103fde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:19 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3110
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
price_2.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/price_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b330ccb1651ba533bac7f16eb05c3009d986bb722c48d5be13c3055e80746f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2676
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
produkt_1.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/produkt_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d65a52116e712fafc1840a2ff94f5ad82e583132dc6d3a8fbc4ef3da630ae183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:19 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9470
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
produkt_2.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/produkt_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64228432f2eecb8e3fa285fd4b46f71a5a8896dc4f9e1a6c56f749217b79d8b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11139
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
txt_1_1.png
s0.2mdn.net/5418521/1622220318416/300x250/images/ Frame FCBC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5418521/1622220318416/300x250/images/txt_1_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c99b625a90059af53811d86d9ead4ffa200f25cd6d16601c73ab9ba89495729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5418521/1622220318416/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:59:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 16:45:18 GMT
server
sffe
age
58016
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3844
x-xss-protection
0
expires
Mon, 31 May 2021 17:59:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 20A4 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbQOw4tggZSbEAgBD0jyTGyzPLfjylus6y-riL-PhvgbQ8xhVcdjuGpwrfl2VoIH_373SpUHfJp9kbFyiEaSNb68P1zpVv-dCZhqgLE4FEXVwfBd0t7gwxlmFgIqHFqgbeQl1CajLybXWE6KqtShnzSWFoP9YrcmfyfQzTCNLKEetOF3g46IIOI8qMsQDR7N0BPw1BkRlJ7_xOU9PzCtf_M9jhJvUTXcu1do8yTwFKvASweGYUGl7elgY222RwAB3ebkZS0UeFJtmhY4R9C8TUU5T1t0e9iWqhfM4WtZzyqLwHWmr4sK_ROaJEoOyR_y7j-xcIvud0AXY2NiXo1Pq5F3T-7IIgvE-vEegzcUJRGPupCK_7P8Y5hDfRN-pNP3r1WvLDtkWiUns3AogG8JnDPF00Ko_mkJnHrCTUFuJrrsgWaTyAIHbftDkvetdfntU59tVFAn9EgzdhQS27xcwbECbyTqLxzp52yg7TfC5bGHs8HzyK2xvBxQ0YlmC8ioNKe2-eJoqFXZZBPZlogo05egt4FRA3wI_jUF5WrcBI7u6Br3r312CSsuNf4OJJsOS7Bi7AAajbYKTLYvoqRYKVg6FQQnO_tg-5JkpJ7O03nWplF2eLFY0ogq6M25gABHILAdkPw-vFyG_Jkn40m5dJfNVWQ3ywyC-z9whqSojrMYEZjFfxJivUSWph57318YeBMiwA-Sv2Y_Z8lZQJdyiut5vdrT_D41Mv_F7-dS2uxcx7mAFj-mL1IyD5ZBtn2mWbAe9CRsvkI29gY_WKPPzrGnjhBaqZsoXgr9mYem1g1miDiWKGa-a6-YL23ZOkcjXvpLq47fovDTyxFc0VG1j0Ei8Rve1MlVgoIvFURFLolJAT4XYXgCQ-N6ZLZ8eXOo86HZZNq-fdiKwPA6TMZLOoc4jM1nieaB_KAxjtGyRZbx9XZBNWyuMjugdVUMgZuwptubSoVGatNaUPPMfnD3pJTFtOhvT8IrUJcuI0abWoo2KbfaUjRcfD7V_r_yq5ZaXRD9dxa5hMpR4hQGqHeVLN0yvXwvAROjA5DXhMC-lo597DKAmb-i1unYmcU7uRMZAawTrmXb1kqvnkwYeUTb5wK503JOw8xumncRYnmu8_VJyZ459u24Wy4AX8RxBxzi2Zfylv_DLar3Q1QgmQ7u-jrz2go_hdJfa1gRIxwUMFwxB_B4QmeLcBpq3DUIevlmoLAHIZ_B7__9oh5MRx4LtxUnlWzVJ4Kuf30ODxxyzYZ_ZJ4wu9&sai=AMfl-YRLwHxPYF5hZJJuUAtI_u915g85q_I-8R_CWm6qhM6cEsVmj0G5CXFVuog4GnEJX7y-aSyMy_HNuOruk9d5du1k-WlhAtxVsc86SJXmv9Mt5mDhR9qu-fyIaO7MuWIvjkDwrrdhRIwx0KYUI198gbQKE99QaPwBFXiEcTIWP0dizPEQqukk&sig=Cg0ArKJSzEqnEsJyIHG9EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=126&vt=11&dtpt=70&dett=3&cstd=55&cisv=r20210524.55978&adurl=
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 4CF2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxQwNT46CMVsag4T-6yIrvn6xAW6A0ZVkCk4XlSdNkPgchfES2zNIJgb1G0O5rOfq-gh4_WOO71VHTUB_SUXXV18Cr5Sc1wiceSDWtvFuM9Czu6Hv6HxeLRN3g1w&sai=AMfl-YRy-ylIAQPoOuTULrCHZN_Np7lAH_hTtHQE1U8p7P82_FKv96yIkYK1wP_4_esLxono6n4E3K2FREXAA3GYQ_GUWGuRIKLHGwWMIydM6PPsE724La6hvGtGmqU&sig=Cg0ArKJSzKPVUZs9A0eyEAE&cid=CAASEuRogrlPVsi3YEbDHWJPCr_rWg&id=lidar2&mcvt=1004&p=411,1055,665,1355&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=400162579&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622455613073&dlt=8&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4CF2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIQiDqxTWDYLL0Uve-UrMhf_XtR830eZscwYDB_lPqNR8PX9BkGJgBwoOkL71rUJwbdyHmoTHnjRfNVhV7v6OBG1F-u9Jg&sig=Cg0ArKJSzPK-lJZIlLYREAE&id=lidar2&mcvt=1005&p=0,0,250,300&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3595875760&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F9F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5RwDPrW0YNzbHrWkrATQvKeIBAAAAAA4AeAEAg&bg=!mpmlmd3NAAaMan2LjGo7ACkAdvg8WpX0jHGCOALrYlcTCrCNpDsxv_9sxqtf9g-K0pQ6Y9OX0v5JagIAAACLUgAAABBoAQcKAKDCfHuj3X0fj7XNj63tNqMjjYW6Do6IhLVGzyZLTj8lQd1JJanOeN4kMXtjSBHN6sGn_D41X3FKWbEp1gf4j-aYOQYitsp9R9CIW5DrmkyWaWroK8EtTyhEpktAGy2xJuHG2tmlUGgQLeTtugVjYk300w_cTogJntqnasje6jZ6UhzMled4Sw67A6Btlw3BiKY6xzIXAl3Gay_ID2zD1DF4mQKHu2uUUFMO_5prkFksRo4Im2gHh6oS0zNJjHX2ytjAx16euj6E0PZsje95W8h2TpnwgdHtr5coS_6qfRgYKGcPw4X1Ldsz7CITrPUBqGViIm6CNQNS_eEBdo9qzOvm2V0cNp4YFqetsPe7LyPN1dACEjtJKDcUQ2Wj_sHvp1HHz42_SZYtjtnybNSvZwQNByY8KpHw2H1tvpLx-CzI5MTnr0zXfj3YWug8zuoBQH7LWJCTXlCw4N27bYNTFuIQ8ZAuZ8BI8yiNT13HOrWN41SSeEtVDPR3auMvv4u6DQtaSc9ziLgdZcfnwCxT5qqfJGzxs6lgfenuNzHCbNlOQ10_WQIo25is2fWu8NqUtIlSTegEkZll6qLgxgdsHsgnB1rwkQBcGwA1JkKJ8OeAto3-1CEJgpgGq-LANhFVUm0wJEtjwQQuLjrChoWwytalJHymbeN5rVxFYWD3wzTqEM2udgcjMrUHZ8XpAN6jYWQnqCeN-aX62jEdepQUWej-f5L9PLFFUAk1FwYvsMLbfGgHdYaeHBnKMQX9YJcNEGqAz27IPcW8i5QURTjilmh3R7YLW6yVNe_WsIpisLKvkePKXKsjwZCay3XFfMjzmzHVrzYXtVb9chB537J58_pKVX1EzccmcyPj4n_0TpQVQzjUeGMISHlCdRanC6295hBbIrV6Y9kOyUldvVaAgEg8Yx6n0CtJldveTny8kQmUYOs5i2krvs0fAwYodUcOW_U9Y3JlKf0nNwxv-yjFPLB_TqQEBYY2VoQoEFJR96OpLv6AKxKqS1Pi74KLKoXDZnFUnkFJ2RxybLTF-o3tM7POt6dfUv_yexIOkVQFKBNqnxnylXAfanAIgxI
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2977 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCNOGkHRfa9C7VJJf6tYS_cUYA-2TBIASUDAbqEomFGBX9qIASeIF16bwV79dTye4mdZk9eyUpRkSf3cQ2B4GEs_B9PU28A8LSHix7iXbOrZ0XdsIz5xwkwKvcCw&sai=AMfl-YQPQ7ZdjbHhjjM6nHdcWK-DCouPZ48mqL07dwwrpBszkn4HdSkRPOYzbq6sA_iw65xDsO0h6KJ9N0umMd6oTWpnc_fgWm4v9F6NzQXztB3S3b6MiGP9b7V2BQA&sig=Cg0ArKJSzChM35zvXi8SEAE&cid=CAASF-RozblNijSZGC5niWWSoJCLz7R2BcwX&id=ampim&o=436,1230&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=116&tls=1116&g=100&h=100&tt=1116&r=v&avms=ampa&adk=39845917
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D926 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 31 May 2021 10:06:50 GMT
expires
Tue, 31 May 2022 10:06:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
5
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2DD9 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3FiQEQ27r1AhjzjJ-oATAB&v=APEucNVyhT7u72w8EFRgdw92Jj5CjgIz73y1l6__l2dk72_Lro5_s7bK0p1qKFpSUyewbAxCy4ZsxfkZ4rUiq4eH1OHre2jXDfbhHZiOKLHHWQ16hiT6QJ-HukUnLInBkN1EHRfeI7ugiR47b7xFq2Aysg2n8KuOIrpT19R6t0x17InLryLDGEM
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN3FiQEQ27r1AhjzjJ-oATAB&v=APEucNVyhT7u72w8EFRgdw92Jj5CjgIz73y1l6__l2dk72_Lro5_s7bK0p1qKFpSUyewbAxCy4ZsxfkZ4rUiq4eH1OHre2jXDfbhHZiOKLHHWQ16hiT6QJ-HukUnLInBkN1EHRfeI7ugiR47b7xFq2Aysg2n8KuOIrpT19R6t0x17InLryLDGEM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkiBfCa1SJu1bi6wBXK4XqlXD8eS2rknNW8ywbr0dC2wqurhwdKPNik_6ogsHs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 31 May 2021 10:06:55 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame D926 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AN2xJ5_E6c2Q-iawKAp-SkdSHM4g3-K1hUUaMSVwjBVRHblNeqdcCJjY-A5GST9v56Qy0Y5UZSpWoGOO8Fv1lQrFfXfXvByxNmVlxgJFxivbJgksNkQCuu3h7qncEnkPeS2T3lLCaNqs5HjCra351S28muAQ&dbm_d=AKAmf-BN6zHrrMKIHl59Y24IkyJFw3oUrHdNLT1ha-AliqjWT9ILirue3WmCRF9uDVA310YMcjPHc83xkUlibSR5aafYiLW1LO4f5XeWZLawTU5ID3bbA5Rswp7PfC5ZfPD8Mo1t-bsfIEOZ0gqgLj7YwYfC45gElF7OaSYs1OLSQqsFlLHETFo4YSadPkXuAKNcz9higBt6lLMGzwdXnZLFuhAT0AGntgbSscE0Imf59U14UOkAM46e1g0Pzkhw6QeozyrEEgMVRw2NDyWE9ZyCq5Y2mUbTHZGBeSpHRsczDBcCit6pS68vHC9aAr2l59mWakEb6q9rSBiSsFk9owBK6cqc0YjozsMhVTN_854rTc8MenWoG_QXiQTjoY9im2VyyLqN6juDcq2QoE_0VRVsgG8F4UoYGQIyYnjOcnMS5Cd5tFs3i4ah1xf-mKtSwT9dyAGcIJbN_hVOb8q0M-GWbyLBrKEuU5u1eNARERDumq1qp_6DCo8KYwLDzIhIl8N0ek3-W_KpSfYaKnQap-7W7nVDq4EAHI7f-QIUQv3mnXeo8w8Kiim9n8Ze99HLdcwYgGv5IXMeXxKBMopau6uQT7zSJLTBEU3yLo6NRl-194zd8lyzJmrDEKfbhkZZFTEAX5MIaBSFO9jR8uy1QLbg8WH7pJ2duh4aeJZYI5KUAgUBkqbpB-sUkoXXfEANCm8T2NVwRX-8YZM3QNNEycS9UFolohmyPa4SOc0yFKY3HMBFvlEuQ669841_IqJXMFlQuuOWMMVJNpSekooVp2lSy9_NpvXjrT3-whPIoSctVaQoWJGQn3RZ0tyebWZrk_T_AU03xdvyuIz7Bx367K2_Ewh2Co21NRpw_nbiLUAb9TowQCmB0_oLrNpq50pf6a9m2az9popCLzhGiZZIONaZiVV0zHvuilmewpMMcQKA-W3iJm0P86RHimFbY26dQWEygOpAnQFwJQYJomprrW9IxQlhO5yITXAx3DaEb5Dac7JT7Hmg7dzGsI3BHK9ELoh7GVNTHqNMAt4UZJFJckebR4YvOvQDlIZCxmvJT3j9xD7xtw5W3FdihU0tJMMCx-bCYlVs4HqDgJysrO-G8fEb-7s8UTbsIVMSjleUjdN5fXRUMHh6tZXwDTkxtYx4QgonY4-rlDpuFxcOQc0E3oE1e2Jl8pygtx3xVlVmOAbHzu1NU8wHQnJm8EtD5zHYC_DGlkiqqq6kj9fK9u-bJXjJ0keOp-WJV8pKwCIFOORlPIRdhkU0lsAOPwkbCO3O_x1LqwOv_wt6OGbmbYwvf_Csa5Q-mwGsiZzvhdVpXYvDF2IcL28oV3B19cXPOsZ_VBQ6hvxIA0FwrtMJYkhQ6RO0hAB-63uJjAFKpq7R_t_sGOi2c2F5QmaCxYP5rotD_DPiJ9DtFPcz5y6jtMWjrkYv7DRwPEBv8MVXvLOwblBtdd_95TbzOVsUW1OAIZZ3yUEqh27DYIJ47IO_hz1wbvqiuX8Q02nCGlmnDbrPAxKcyQf9LB9mj7b57sFQ7Cs_D1VmaMbOjcy4o7F13OoNWEfvg4-p9bGh8wdIc8wC78CNri1tGDGTvPhCOB5mmn-Wr1VUwzNCA9h9vAiQTWR2RhVBmaPJ-rvUqP-f6WMEkvb5g6CyzTeA0laIag-lHQ12cGIRZ4Y6hrtmcI9Oy1lTGs0kh7g44eZGl1QC7fbzoQsJwQXVpxamNvzMeMGklrtU5FNPiPujOsG-GGlhYvc63lFtwTyws00O38GQnEIMRnhZ-OOKNCA-VRAp2TBegmnARcFc87KJRWJmfTkIXHs7XDM3yADp47cLM2p-278cAm9SoPTEL4d8OILrG1PhHp6lINgtDtz8xGNG1is1GXQeYUjXJsC-Ujd1o_DVzTteEFLNgLB_Mf85eZG_B9pQ02uK6gKnUaEDF8vuCltuvKSu7kjh-BG3IpHR33rDfGk_7w6ms6HNdxrFJUaMuy9Y0uQDNo60J0hP1NRk3BeB9whAZDYA-siGL6TsOjRld7iUEWFYyr27Mo2QHfS39nqJTmxd4H9hPT69ZM-FAvMctalvVgdipeZQ-MbkUyJB_hqLgvLwmPT6vnOvTchCsd1j79fqs1wC8sQPwvlV7RylxINifc2k8ooYjbmBxLrOZgmDTsA0swXRovrmYUnbf4NIlJfwa5UHnKffBiBkVbxp1yoB6DXXlzvb-mtTnpfScgOvgN3mTDCOBUolMa-njjjasOLVECbpi183zM9Um_Kdp1L-AztJIWpZZWLT41vYz9gfaD6c_trBMHt7cOxPCmcSPPXKbUgmMJT0J6R8mw4NdpEy5W9kEHMvMMejxra3Ey3VvJqW1iHVU6aCRCwIZxHyunuOUSKg9Hd3Ts1mtyTYf-i2uKqiRunS9gaTgQq4To4x9V2QlG3__e9-z1j70_hKTzFY4Uwn3XVeUUZAD45hklGRqjJqy7CGgRXH6E73uQ5ePrT65xy9bZQwX7sKYQSlJ6Bkw8MWSjVgSobuP4-24bABzQm6HA9xVUba9byAdDrVV4-h2k7Y_Wd0NsfhWaoIWTp-p1D0qLgH8ZXp3Z_xtzF-uFoR_F8VRTUNZd-RmXuV9p6Samp-KHmwYqHWjTX8nNHKOHGG5-T1GsH3AGW6c_j_TffG1YU_H5esyyyd6klIvoi399PjU6wGy0UQs92ovb1p57eYL08KzD2zwSZMIK_ivt0aHRp1qUIMX4K4fOSFY6YcxTO-O5xgie4F9QA4KCrTlkHAUXXx5Byq5PH0BvZUzcI75ish1YDNpLntpFJzJYqsvPZ6qw-QCfjwdc4kZoLRkaste8IbscpAwr3YLFInmz8K2ID3Na-jQeP-x72wbIsFK4OfhAMHjJWw48lL2z8pK-89gakOBUndf7cG2TSGN2QOtMTkvRhjirwhR17hWYc4-_97Spn1vOLdn4mHqiOu3q9Flgor5OmlKFWT5IZVJhGO7KEqvrL58z2SUhlNe3TcJYcEJAywDrAX0K-ZgHa2m8l4oK7aq3iWsK8TVefXTdos28WgSOSfA-zZsY4OLsg1zU27IO5vVOYm9hqXHBmbeyhQV2sdUILLwHz9eS3voX20tgePEnhtrCok4Rr1P2-RbujSGzjNzL_Pd7hneN8LfGhf43zScthHp8J02-Zboi7ZewRKQmE8rcAHcLR2QiNtb9SIqs6XNWVFtfzkSSvPGKzt0JoXPNSlT1DMf1AwmX95jP2ForabYWlF6-vEywYVkOO4sMV29k39bp-dnJ2l1ISWClTSf3B7Fpvx_QO9HsriiuVdwpKGKRYF0k_9gc2S1INyoql4CvqXF9yJw_WX_EMySMR_g91XvBHSotdQFmxF-ruP9wgE-CC98WE8h-s7wkY5SMseOjfcYuou1c_Eg81zwY_eUosJ&cid=CAASEuRo0dApg-9TzQfIVdUrWVYnPQ&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14a4a2ba746fd65156fb7656e9472f6101bcce625ba0991abdaa1204b1ad7364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23870
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D926 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AcJaKTbNL7VQeMWnPqs6OaebNjt8qBOyYTEIRHChhaDF8Tx_iYs4cLoeSdJ8szd1UwraaMAALoFG1x1SSwXJefmDQ3damRcxMvgxW55JJtUTiQ-no
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame D926 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:05:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D926 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 10:06:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame D926 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 09:58:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
521
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 09:58:14 GMT
rum
dsum-sec.casalemedia.com/ Frame 2DD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJNRnTPoJbX2h-OIVjLwJI&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJNRnTPoJbX2h-OIVjLwJI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3FiQEQ27r1AhjzjJ-oATAB&v=APEucNVyhT7u72w8EFRgdw92Jj5CjgIz73y1l6__l2dk72_Lro5_s7bK0p1qKFpSUyewbAxCy4ZsxfkZ4rUiq4eH1OHre2jXDfbhHZiOKLHHWQ16hiT6QJ-HukUnLInBkN1EHRfeI7ugiR47b7xFq2Aysg2n8KuOIrpT19R6t0x17InLryLDGEM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 May 2021 10:06:55 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJNRnTPoJbX2h-OIVjLwJI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2DD9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLS1PiTCvhLrCmMPn1zpYgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJNRnTPoJbX2h-OIVjLwJI&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJNRnTPoJbX2h-OIVjLwJI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3FiQEQ27r1AhjzjJ-oATAB&v=APEucNVyhT7u72w8EFRgdw92Jj5CjgIz73y1l6__l2dk72_Lro5_s7bK0p1qKFpSUyewbAxCy4ZsxfkZ4rUiq4eH1OHre2jXDfbhHZiOKLHHWQ16hiT6QJ-HukUnLInBkN1EHRfeI7ugiR47b7xFq2Aysg2n8KuOIrpT19R6t0x17InLryLDGEM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 May 2021 10:06:55 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJNRnTPoJbX2h-OIVjLwJI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2DD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEB0OEth61LVYVB4epx4e4fo&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0OEth61LVYVB4epx4e4fo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3FiQEQ27r1AhjzjJ-oATAB&v=APEucNVyhT7u72w8EFRgdw92Jj5CjgIz73y1l6__l2dk72_Lro5_s7bK0p1qKFpSUyewbAxCy4ZsxfkZ4rUiq4eH1OHre2jXDfbhHZiOKLHHWQ16hiT6QJ-HukUnLInBkN1EHRfeI7ugiR47b7xFq2Aysg2n8KuOIrpT19R6t0x17InLryLDGEM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:55 GMT
X-Proxy-Origin
37.120.211.116; 37.120.211.116; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid
16b87ab7-8f98-4d17-a9f9-6c998927db2b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0OEth61LVYVB4epx4e4fo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2DD9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxNDk0MDM4MTUzNzY3NTMzNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxNDk0MDM4MTUzNzY3NTMzNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3FiQEQ27r1AhjzjJ-oATAB&v=APEucNVyhT7u72w8EFRgdw92Jj5CjgIz73y1l6__l2dk72_Lro5_s7bK0p1qKFpSUyewbAxCy4ZsxfkZ4rUiq4eH1OHre2jXDfbhHZiOKLHHWQ16hiT6QJ-HukUnLInBkN1EHRfeI7ugiR47b7xFq2Aysg2n8KuOIrpT19R6t0x17InLryLDGEM
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:55 GMT
X-Proxy-Origin
37.120.211.116; 37.120.211.116; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid
eaab53cb-7f6d-4e0f-889e-7b5b9615fd02
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxNDk0MDM4MTUzNzY3NTMzNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame D926 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65524
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 May 2021 15:54:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame D926 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AN2xJ5_E6c2Q-iawKAp-SkdSHM4g3-K1hUUaMSVwjBVRHblNeqdcCJjY-A5GST9v56Qy0Y5UZSpWoGOO8Fv1lQrFfXfXvByxNmVlxgJFxivbJgksNkQCuu3h7qncEnkPeS2T3lLCaNqs5HjCra351S28muAQ&dbm_d=AKAmf-BN6zHrrMKIHl59Y24IkyJFw3oUrHdNLT1ha-AliqjWT9ILirue3WmCRF9uDVA310YMcjPHc83xkUlibSR5aafYiLW1LO4f5XeWZLawTU5ID3bbA5Rswp7PfC5ZfPD8Mo1t-bsfIEOZ0gqgLj7YwYfC45gElF7OaSYs1OLSQqsFlLHETFo4YSadPkXuAKNcz9higBt6lLMGzwdXnZLFuhAT0AGntgbSscE0Imf59U14UOkAM46e1g0Pzkhw6QeozyrEEgMVRw2NDyWE9ZyCq5Y2mUbTHZGBeSpHRsczDBcCit6pS68vHC9aAr2l59mWakEb6q9rSBiSsFk9owBK6cqc0YjozsMhVTN_854rTc8MenWoG_QXiQTjoY9im2VyyLqN6juDcq2QoE_0VRVsgG8F4UoYGQIyYnjOcnMS5Cd5tFs3i4ah1xf-mKtSwT9dyAGcIJbN_hVOb8q0M-GWbyLBrKEuU5u1eNARERDumq1qp_6DCo8KYwLDzIhIl8N0ek3-W_KpSfYaKnQap-7W7nVDq4EAHI7f-QIUQv3mnXeo8w8Kiim9n8Ze99HLdcwYgGv5IXMeXxKBMopau6uQT7zSJLTBEU3yLo6NRl-194zd8lyzJmrDEKfbhkZZFTEAX5MIaBSFO9jR8uy1QLbg8WH7pJ2duh4aeJZYI5KUAgUBkqbpB-sUkoXXfEANCm8T2NVwRX-8YZM3QNNEycS9UFolohmyPa4SOc0yFKY3HMBFvlEuQ669841_IqJXMFlQuuOWMMVJNpSekooVp2lSy9_NpvXjrT3-whPIoSctVaQoWJGQn3RZ0tyebWZrk_T_AU03xdvyuIz7Bx367K2_Ewh2Co21NRpw_nbiLUAb9TowQCmB0_oLrNpq50pf6a9m2az9popCLzhGiZZIONaZiVV0zHvuilmewpMMcQKA-W3iJm0P86RHimFbY26dQWEygOpAnQFwJQYJomprrW9IxQlhO5yITXAx3DaEb5Dac7JT7Hmg7dzGsI3BHK9ELoh7GVNTHqNMAt4UZJFJckebR4YvOvQDlIZCxmvJT3j9xD7xtw5W3FdihU0tJMMCx-bCYlVs4HqDgJysrO-G8fEb-7s8UTbsIVMSjleUjdN5fXRUMHh6tZXwDTkxtYx4QgonY4-rlDpuFxcOQc0E3oE1e2Jl8pygtx3xVlVmOAbHzu1NU8wHQnJm8EtD5zHYC_DGlkiqqq6kj9fK9u-bJXjJ0keOp-WJV8pKwCIFOORlPIRdhkU0lsAOPwkbCO3O_x1LqwOv_wt6OGbmbYwvf_Csa5Q-mwGsiZzvhdVpXYvDF2IcL28oV3B19cXPOsZ_VBQ6hvxIA0FwrtMJYkhQ6RO0hAB-63uJjAFKpq7R_t_sGOi2c2F5QmaCxYP5rotD_DPiJ9DtFPcz5y6jtMWjrkYv7DRwPEBv8MVXvLOwblBtdd_95TbzOVsUW1OAIZZ3yUEqh27DYIJ47IO_hz1wbvqiuX8Q02nCGlmnDbrPAxKcyQf9LB9mj7b57sFQ7Cs_D1VmaMbOjcy4o7F13OoNWEfvg4-p9bGh8wdIc8wC78CNri1tGDGTvPhCOB5mmn-Wr1VUwzNCA9h9vAiQTWR2RhVBmaPJ-rvUqP-f6WMEkvb5g6CyzTeA0laIag-lHQ12cGIRZ4Y6hrtmcI9Oy1lTGs0kh7g44eZGl1QC7fbzoQsJwQXVpxamNvzMeMGklrtU5FNPiPujOsG-GGlhYvc63lFtwTyws00O38GQnEIMRnhZ-OOKNCA-VRAp2TBegmnARcFc87KJRWJmfTkIXHs7XDM3yADp47cLM2p-278cAm9SoPTEL4d8OILrG1PhHp6lINgtDtz8xGNG1is1GXQeYUjXJsC-Ujd1o_DVzTteEFLNgLB_Mf85eZG_B9pQ02uK6gKnUaEDF8vuCltuvKSu7kjh-BG3IpHR33rDfGk_7w6ms6HNdxrFJUaMuy9Y0uQDNo60J0hP1NRk3BeB9whAZDYA-siGL6TsOjRld7iUEWFYyr27Mo2QHfS39nqJTmxd4H9hPT69ZM-FAvMctalvVgdipeZQ-MbkUyJB_hqLgvLwmPT6vnOvTchCsd1j79fqs1wC8sQPwvlV7RylxINifc2k8ooYjbmBxLrOZgmDTsA0swXRovrmYUnbf4NIlJfwa5UHnKffBiBkVbxp1yoB6DXXlzvb-mtTnpfScgOvgN3mTDCOBUolMa-njjjasOLVECbpi183zM9Um_Kdp1L-AztJIWpZZWLT41vYz9gfaD6c_trBMHt7cOxPCmcSPPXKbUgmMJT0J6R8mw4NdpEy5W9kEHMvMMejxra3Ey3VvJqW1iHVU6aCRCwIZxHyunuOUSKg9Hd3Ts1mtyTYf-i2uKqiRunS9gaTgQq4To4x9V2QlG3__e9-z1j70_hKTzFY4Uwn3XVeUUZAD45hklGRqjJqy7CGgRXH6E73uQ5ePrT65xy9bZQwX7sKYQSlJ6Bkw8MWSjVgSobuP4-24bABzQm6HA9xVUba9byAdDrVV4-h2k7Y_Wd0NsfhWaoIWTp-p1D0qLgH8ZXp3Z_xtzF-uFoR_F8VRTUNZd-RmXuV9p6Samp-KHmwYqHWjTX8nNHKOHGG5-T1GsH3AGW6c_j_TffG1YU_H5esyyyd6klIvoi399PjU6wGy0UQs92ovb1p57eYL08KzD2zwSZMIK_ivt0aHRp1qUIMX4K4fOSFY6YcxTO-O5xgie4F9QA4KCrTlkHAUXXx5Byq5PH0BvZUzcI75ish1YDNpLntpFJzJYqsvPZ6qw-QCfjwdc4kZoLRkaste8IbscpAwr3YLFInmz8K2ID3Na-jQeP-x72wbIsFK4OfhAMHjJWw48lL2z8pK-89gakOBUndf7cG2TSGN2QOtMTkvRhjirwhR17hWYc4-_97Spn1vOLdn4mHqiOu3q9Flgor5OmlKFWT5IZVJhGO7KEqvrL58z2SUhlNe3TcJYcEJAywDrAX0K-ZgHa2m8l4oK7aq3iWsK8TVefXTdos28WgSOSfA-zZsY4OLsg1zU27IO5vVOYm9hqXHBmbeyhQV2sdUILLwHz9eS3voX20tgePEnhtrCok4Rr1P2-RbujSGzjNzL_Pd7hneN8LfGhf43zScthHp8J02-Zboi7ZewRKQmE8rcAHcLR2QiNtb9SIqs6XNWVFtfzkSSvPGKzt0JoXPNSlT1DMf1AwmX95jP2ForabYWlF6-vEywYVkOO4sMV29k39bp-dnJ2l1ISWClTSf3B7Fpvx_QO9HsriiuVdwpKGKRYF0k_9gc2S1INyoql4CvqXF9yJw_WX_EMySMR_g91XvBHSotdQFmxF-ruP9wgE-CC98WE8h-s7wkY5SMseOjfcYuou1c_Eg81zwY_eUosJ&cid=CAASEuRo0dApg-9TzQfIVdUrWVYnPQ&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:04:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame D926 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AN2xJ5_E6c2Q-iawKAp-SkdSHM4g3-K1hUUaMSVwjBVRHblNeqdcCJjY-A5GST9v56Qy0Y5UZSpWoGOO8Fv1lQrFfXfXvByxNmVlxgJFxivbJgksNkQCuu3h7qncEnkPeS2T3lLCaNqs5HjCra351S28muAQ&dbm_d=AKAmf-BN6zHrrMKIHl59Y24IkyJFw3oUrHdNLT1ha-AliqjWT9ILirue3WmCRF9uDVA310YMcjPHc83xkUlibSR5aafYiLW1LO4f5XeWZLawTU5ID3bbA5Rswp7PfC5ZfPD8Mo1t-bsfIEOZ0gqgLj7YwYfC45gElF7OaSYs1OLSQqsFlLHETFo4YSadPkXuAKNcz9higBt6lLMGzwdXnZLFuhAT0AGntgbSscE0Imf59U14UOkAM46e1g0Pzkhw6QeozyrEEgMVRw2NDyWE9ZyCq5Y2mUbTHZGBeSpHRsczDBcCit6pS68vHC9aAr2l59mWakEb6q9rSBiSsFk9owBK6cqc0YjozsMhVTN_854rTc8MenWoG_QXiQTjoY9im2VyyLqN6juDcq2QoE_0VRVsgG8F4UoYGQIyYnjOcnMS5Cd5tFs3i4ah1xf-mKtSwT9dyAGcIJbN_hVOb8q0M-GWbyLBrKEuU5u1eNARERDumq1qp_6DCo8KYwLDzIhIl8N0ek3-W_KpSfYaKnQap-7W7nVDq4EAHI7f-QIUQv3mnXeo8w8Kiim9n8Ze99HLdcwYgGv5IXMeXxKBMopau6uQT7zSJLTBEU3yLo6NRl-194zd8lyzJmrDEKfbhkZZFTEAX5MIaBSFO9jR8uy1QLbg8WH7pJ2duh4aeJZYI5KUAgUBkqbpB-sUkoXXfEANCm8T2NVwRX-8YZM3QNNEycS9UFolohmyPa4SOc0yFKY3HMBFvlEuQ669841_IqJXMFlQuuOWMMVJNpSekooVp2lSy9_NpvXjrT3-whPIoSctVaQoWJGQn3RZ0tyebWZrk_T_AU03xdvyuIz7Bx367K2_Ewh2Co21NRpw_nbiLUAb9TowQCmB0_oLrNpq50pf6a9m2az9popCLzhGiZZIONaZiVV0zHvuilmewpMMcQKA-W3iJm0P86RHimFbY26dQWEygOpAnQFwJQYJomprrW9IxQlhO5yITXAx3DaEb5Dac7JT7Hmg7dzGsI3BHK9ELoh7GVNTHqNMAt4UZJFJckebR4YvOvQDlIZCxmvJT3j9xD7xtw5W3FdihU0tJMMCx-bCYlVs4HqDgJysrO-G8fEb-7s8UTbsIVMSjleUjdN5fXRUMHh6tZXwDTkxtYx4QgonY4-rlDpuFxcOQc0E3oE1e2Jl8pygtx3xVlVmOAbHzu1NU8wHQnJm8EtD5zHYC_DGlkiqqq6kj9fK9u-bJXjJ0keOp-WJV8pKwCIFOORlPIRdhkU0lsAOPwkbCO3O_x1LqwOv_wt6OGbmbYwvf_Csa5Q-mwGsiZzvhdVpXYvDF2IcL28oV3B19cXPOsZ_VBQ6hvxIA0FwrtMJYkhQ6RO0hAB-63uJjAFKpq7R_t_sGOi2c2F5QmaCxYP5rotD_DPiJ9DtFPcz5y6jtMWjrkYv7DRwPEBv8MVXvLOwblBtdd_95TbzOVsUW1OAIZZ3yUEqh27DYIJ47IO_hz1wbvqiuX8Q02nCGlmnDbrPAxKcyQf9LB9mj7b57sFQ7Cs_D1VmaMbOjcy4o7F13OoNWEfvg4-p9bGh8wdIc8wC78CNri1tGDGTvPhCOB5mmn-Wr1VUwzNCA9h9vAiQTWR2RhVBmaPJ-rvUqP-f6WMEkvb5g6CyzTeA0laIag-lHQ12cGIRZ4Y6hrtmcI9Oy1lTGs0kh7g44eZGl1QC7fbzoQsJwQXVpxamNvzMeMGklrtU5FNPiPujOsG-GGlhYvc63lFtwTyws00O38GQnEIMRnhZ-OOKNCA-VRAp2TBegmnARcFc87KJRWJmfTkIXHs7XDM3yADp47cLM2p-278cAm9SoPTEL4d8OILrG1PhHp6lINgtDtz8xGNG1is1GXQeYUjXJsC-Ujd1o_DVzTteEFLNgLB_Mf85eZG_B9pQ02uK6gKnUaEDF8vuCltuvKSu7kjh-BG3IpHR33rDfGk_7w6ms6HNdxrFJUaMuy9Y0uQDNo60J0hP1NRk3BeB9whAZDYA-siGL6TsOjRld7iUEWFYyr27Mo2QHfS39nqJTmxd4H9hPT69ZM-FAvMctalvVgdipeZQ-MbkUyJB_hqLgvLwmPT6vnOvTchCsd1j79fqs1wC8sQPwvlV7RylxINifc2k8ooYjbmBxLrOZgmDTsA0swXRovrmYUnbf4NIlJfwa5UHnKffBiBkVbxp1yoB6DXXlzvb-mtTnpfScgOvgN3mTDCOBUolMa-njjjasOLVECbpi183zM9Um_Kdp1L-AztJIWpZZWLT41vYz9gfaD6c_trBMHt7cOxPCmcSPPXKbUgmMJT0J6R8mw4NdpEy5W9kEHMvMMejxra3Ey3VvJqW1iHVU6aCRCwIZxHyunuOUSKg9Hd3Ts1mtyTYf-i2uKqiRunS9gaTgQq4To4x9V2QlG3__e9-z1j70_hKTzFY4Uwn3XVeUUZAD45hklGRqjJqy7CGgRXH6E73uQ5ePrT65xy9bZQwX7sKYQSlJ6Bkw8MWSjVgSobuP4-24bABzQm6HA9xVUba9byAdDrVV4-h2k7Y_Wd0NsfhWaoIWTp-p1D0qLgH8ZXp3Z_xtzF-uFoR_F8VRTUNZd-RmXuV9p6Samp-KHmwYqHWjTX8nNHKOHGG5-T1GsH3AGW6c_j_TffG1YU_H5esyyyd6klIvoi399PjU6wGy0UQs92ovb1p57eYL08KzD2zwSZMIK_ivt0aHRp1qUIMX4K4fOSFY6YcxTO-O5xgie4F9QA4KCrTlkHAUXXx5Byq5PH0BvZUzcI75ish1YDNpLntpFJzJYqsvPZ6qw-QCfjwdc4kZoLRkaste8IbscpAwr3YLFInmz8K2ID3Na-jQeP-x72wbIsFK4OfhAMHjJWw48lL2z8pK-89gakOBUndf7cG2TSGN2QOtMTkvRhjirwhR17hWYc4-_97Spn1vOLdn4mHqiOu3q9Flgor5OmlKFWT5IZVJhGO7KEqvrL58z2SUhlNe3TcJYcEJAywDrAX0K-ZgHa2m8l4oK7aq3iWsK8TVefXTdos28WgSOSfA-zZsY4OLsg1zU27IO5vVOYm9hqXHBmbeyhQV2sdUILLwHz9eS3voX20tgePEnhtrCok4Rr1P2-RbujSGzjNzL_Pd7hneN8LfGhf43zScthHp8J02-Zboi7ZewRKQmE8rcAHcLR2QiNtb9SIqs6XNWVFtfzkSSvPGKzt0JoXPNSlT1DMf1AwmX95jP2ForabYWlF6-vEywYVkOO4sMV29k39bp-dnJ2l1ISWClTSf3B7Fpvx_QO9HsriiuVdwpKGKRYF0k_9gc2S1INyoql4CvqXF9yJw_WX_EMySMR_g91XvBHSotdQFmxF-ruP9wgE-CC98WE8h-s7wkY5SMseOjfcYuou1c_Eg81zwY_eUosJ&cid=CAASEuRo0dApg-9TzQfIVdUrWVYnPQ&rfl=1%2Chttps%253A%252F%252Fjalantikus.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8609
x-xss-protection
0
server
cafe
etag
7365582700020686358
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 10:03:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D926 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65177
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 16:00:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3896 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 31 May 2021 06:38:34 GMT
expires
Tue, 01 Jun 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
12501
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D926 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c13154be2e4f736960a397be5161723e25f21934ad508e5a7147902227df964

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 46CB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 30 May 2021 16:00:38 GMT
expires
Mon, 30 May 2022 16:00:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65177
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/10008955/1620373602480/ Frame 7B97 		89 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10008955/1620373602480/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d85de70bc0d7b51c884e182697034cbd6194315c7d46316ff0eeb2082af543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10008955/1620373602480/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
19737
date
Sun, 30 May 2021 15:36:57 GMT
expires
Mon, 31 May 2021 15:36:57 GMT
last-modified
Fri, 07 May 2021 07:46:42 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
66598
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame D926 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcbvd8oDUkx7jEIP5OzYluVTmTJLPiICtq_40j6pVXhCSOMCzZkj0R6kkJFCbtDreRcjsX_jz5gt5FX8PSQUPOt_a2DMhca-X4WewUNn8-5M4n1Pt3Q5y8qvWqg90CFP8VchWyvz9hb3w0zQb3jO_tkQWUB6qkjYKiFMf66VtaNfdiM74pjvw97WPYtdRpyo7KfXuA5e0OsGtejVIG3M8vLHkpj_5GCnICj6OWFG8a1PVhpWGXUNrKQuZrgHeqlrG3gQMBrLpEsfSIMCzDRuDkxd7tq5Z0H0xjyLdP7zC_15m36_ifIBfdqjry5nGuZJ-T-yIEZhBfP4StKS16S_NbA0-R2VJO1W5ZxiqaDNaZoiaLhYt0TFTEQETHp-7OKoGJhaznufW1lFPDiKamyy1nynxTFicRaK94oXeTLYNV9rl4bYCIaE6kLK_Ij7WTdri2Vk0b7gYplOp0v0INUPyRfZ9MhDAcg_B6a8JW2JoO86FKnSykHVi4L2uzg7Hx0wk0UkduwfKSY8A5LvgtoWmh8rPsmhncNzq4yPxGn5sQJsTMx1A_degsWa_RonpSAfQZCkvy01GcVBaUS-cCOHBXqaYNOyLVLWLBgZ7PtW_h506lpuWHBcxNXDVKUxu4XFsUVKcpPsKpkkxR5u4uFxYAQxFaTVu27PwyMJgJq1Fdt1bX2ck7XlXZmOsAkyohnatHEp-3ppBVZChiYq8mCC4hfZCIngv2b7YU1OsIFEO9YLCRlIhCzIGKsygWFprzaOvmLADA7CAkhFUwoUQuBTURoiUWkCquRxneKpsLiWMwLSkitP5RuvyzNzd19QUpUStJlIrmLoTNI3grG-EJDhngRlfuR-wqbPSd3UJozUUuVVNFLCBuFcDzyRFNqlS4o03Tm8eVXsKLTCwX8A2u8e4D9L6ECxDgV2OYM66d-_yVBgHqTKnoj5TnkMvQj9dSfX7aC5WW9kW03IGfn6FLF503xZ-eeE9p4YLkLYsFHU10kFNiUbEUVw4KfTSTftb2Qskj6YrOHRYI-REoP63-fvULZZlCiRhvRSYjftkvIr8zdJTdB6mOs73hdwU7YJO1B4U9p9CV9FJ2rkZFzaTHH6-THwcCqyB50nq-XJOi8FgYEOHjUGELwU5oHDij_5T1YnLXPg1a43JK3-Abux88RJ9wIJsINXN1vx7A28TIeV4nw4GBfKmXuDagxV3eac9kp63YwyDJeC7Wjznep8NFZthGoJKceT9N9HqB3VthAEBKC5w1Au5JLNdK98a9knhIfSkmpw-iyr3n_3kaLTmux3oraoe7&sai=AMfl-YQQtXR2bxl6gHyBPgUf_u4aXrdAIAakVJ4t8AiOKWUfPWIUoMtV4yE72LaaepnrPQya1slsM0CyoXAEIzd90Lqrp9XPYaW_BaRF02fg7dyV00-OPSzwHukCPXPblp9qodrENzOoyDJQYFYTXSlrEavjbkoQBQ&sig=Cg0ArKJSzKhKHWpH3pe0EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=65&cbvp=1&cstd=61&cisv=r20210524.71244&adurl=
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 31 May 2021 10:06:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
cm.g.doubleclick.net/ Frame 3896
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEADR4byjDX26nbXQK7ygzbY&google_cver=1&google_push=AQvitUIX37o2RyqOdcXemilAXo0RsW1M7I5osZhZVP7mYP2B4uPaKRaddazU2TNY2JHPMXwX4Iqd007VVZBgM1Nk...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIX37o2RyqOdcXemilAXo0RsW1M7I5osZhZVP7mYP2B4uPaKRaddazU2TNY2JHPMXwX4Iqd007VVZBgM1NkrqLBaZTJRRA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIX37o2RyqOdcXemilAXo0RsW1M7I5osZhZVP7mYP2B4uPaKRaddazU2TNY2JHPMXwX4Iqd007VVZBgM1NkrqLBaZTJRRA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 31 May 2021 10:06:55 GMT
Server
MT3 3736 915c305 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIX37o2RyqOdcXemilAXo0RsW1M7I5osZhZVP7mYP2B4uPaKRaddazU2TNY2JHPMXwX4Iqd007VVZBgM1NkrqLBaZTJRRA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 May 2021 10:06:54 GMT
pixel
cm.g.doubleclick.net/ Frame 3896
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAHtTZW606n8thmzdr-x__I&google_push=AQvitUKnR2rCHVawZm0d1ZM0ghTdClE9fx4kHSRAP7hR_p7Qam-i7_Xt_B...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAHtTZW606n8thmzdr-x__I&google_push=AQvitUKnR2rCHVawZm0d1ZM0ghTdClE9fx4kHSRAP7hR_p7Qam-i7_Xt_Bsg9avd837-Crarp5T3Tua4cuKwR0S0MkyRIGs4PDQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1622455616.615405,VS0,VE89
x-served-by
cache-fra19137-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAHtTZW606n8thmzdr-x__I&google_push=AQvitUKnR2rCHVawZm0d1ZM0ghTdClE9fx4kHSRAP7hR_p7Qam-i7_Xt_Bsg9avd837-Crarp5T3Tua4cuKwR0S0MkyRIGs4PDQ
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 3896
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHeuhTHRfmUqIo6yfxfyJ38&google_cver=1&google_push=AQvitUKuuW3yz4VQY8daeB26KQbGw-tImHH3wQh_Hg0WQZpljCvMlQV5eFMaBMX22RCgdgVg6w6C-Q0uzlZuYFyp7SohCUoHvsA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DA6C293192104C1EA7152C517C6CA8C7&google_push=AQvitUKuuW3yz4VQY8daeB26KQbGw-tImHH3wQh_Hg0WQZpljCvMlQV5eFMaBMX22RCgdgVg6w6C-Q0uzlZuYFy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DA6C293192104C1EA7152C517C6CA8C7&google_push=AQvitUKuuW3yz4VQY8daeB26KQbGw-tImHH3wQh_Hg0WQZpljCvMlQV5eFMaBMX22RCgdgVg6w6C-Q0uzlZuYFyp7SohCUoHvsA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 31 May 2021 10:06:55 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DA6C293192104C1EA7152C517C6CA8C7&google_push=AQvitUKuuW3yz4VQY8daeB26KQbGw-tImHH3wQh_Hg0WQZpljCvMlQV5eFMaBMX22RCgdgVg6w6C-Q0uzlZuYFyp7SohCUoHvsA
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 30 May 2021 10:06:55 GMT
google
match.adsrvr.org/track/cmf/ Frame 3896 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH_g_53DfZi1_jzoLwMttK8&google_cver=1&google_push=AQvitULJfPqZJkBJev25MFBUOHMe3XPcxujo3nYpXfw5Me2MnSaD1JZnZ6M4t4omP7YOnlXZ6fkUVkLia3VnfX4S_SfsvBXqcIc
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dot.gif
s0.2mdn.net/ Frame 3896 		43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEF4WvKsYl9DjOpu6qr59KS4&google_cver=1&google_push=AQvitUILSYJeRuoZkrfD8FykTiVXmAvcW8ZLtcMKY6d-wSkIBHZKmRyvIXfpNiu1SYHnr47O7PBRAT6sDV32_RwOZ-LZyPn49A
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 01 Jun 2021 10:06:55 GMT
pixel
cm.g.doubleclick.net/ Frame 3896
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECFPQzqXxxx9v8lT-BvVqvI&google_cver=1&google_push=AQvitUJax78hSd_5YYCq65Fw_ogQFAoBszqsxxRO6lgRk1jEUJ5LDyrHvwWIfRAs_goDVvoLuLM...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BDRzZMMkEtTi0xVjNC&google_push=AQvitUJax78hSd_5YYCq65Fw_ogQFAoBszqsxxRO6lgRk1jEUJ5LDyrHvwWIfRAs_goDVvoLuLMoX9nS9wlW-gUvXkQzlrZMtNA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BDRzZMMkEtTi0xVjNC&google_push=AQvitUJax78hSd_5YYCq65Fw_ogQFAoBszqsxxRO6lgRk1jEUJ5LDyrHvwWIfRAs_goDVvoLuLMoX9nS9wlW-gUvXkQzlrZMtNA
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BDRzZMMkEtTi0xVjNC&google_push=AQvitUJax78hSd_5YYCq65Fw_ogQFAoBszqsxxRO6lgRk1jEUJ5LDyrHvwWIfRAs_goDVvoLuLMoX9nS9wlW-gUvXkQzlrZMtNA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3896
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.targeting.unrulymedia.com/csync/RX-60b7fee6-0736-4c2e-bc65-a80b61d1b828-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitULWmDwSofcwB8SjDGT9y...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULWmDwSofcwB8SjDGT9yUYlowaLUQlSuNPTvkWadpP2qKkoXcXZTsKk0t1BOFDJcT4Lu7UUR2kkU4WQ881lMAo8y2jhf5w&google_hm=A2C3_uYHNkwuvGWoC2HRuCg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULWmDwSofcwB8SjDGT9yUYlowaLUQlSuNPTvkWadpP2qKkoXcXZTsKk0t1BOFDJcT4Lu7UUR2kkU4WQ881lMAo8y2jhf5w&google_hm=A2C3_uYHNkwuvGWoC2HRuCg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULWmDwSofcwB8SjDGT9yUYlowaLUQlSuNPTvkWadpP2qKkoXcXZTsKk0t1BOFDJcT4Lu7UUR2kkU4WQ881lMAo8y2jhf5w&google_hm=A2C3_uYHNkwuvGWoC2HRuCg
date
Mon, 31 May 2021 10:06:55 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX60b7fee607364c2ebc65a80b61d1b828003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 3896 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtxqZ3dlcng7HlNLga47KiQppAKT70Yirw9cMJ0cF8ccZ1FBeGb1HJnpE7e3wcoMBENpko
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:55 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 7B97 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10008955/1620373602480/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10008955/1620373602480/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 05:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17340
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Jun 2021 05:17:55 GMT
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame 46CB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 06:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
100461
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Mon, 30 May 2022 06:12:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D926 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcbvd8oDUkx7jEIP5OzYluVTmTJLPiICtq_40j6pVXhCSOMCzZkj0R6kkJFCbtDreRcjsX_jz5gt5FX8PSQUPOt_a2DMhca-X4WewUNn8-5M4n1Pt3Q5y8qvWqg90CFP8VchWyvz9hb3w0zQb3jO_tkQWUB6qkjYKiFMf66VtaNfdiM74pjvw97WPYtdRpyo7KfXuA5e0OsGtejVIG3M8vLHkpj_5GCnICj6OWFG8a1PVhpWGXUNrKQuZrgHeqlrG3gQMBrLpEsfSIMCzDRuDkxd7tq5Z0H0xjyLdP7zC_15m36_ifIBfdqjry5nGuZJ-T-yIEZhBfP4StKS16S_NbA0-R2VJO1W5ZxiqaDNaZoiaLhYt0TFTEQETHp-7OKoGJhaznufW1lFPDiKamyy1nynxTFicRaK94oXeTLYNV9rl4bYCIaE6kLK_Ij7WTdri2Vk0b7gYplOp0v0INUPyRfZ9MhDAcg_B6a8JW2JoO86FKnSykHVi4L2uzg7Hx0wk0UkduwfKSY8A5LvgtoWmh8rPsmhncNzq4yPxGn5sQJsTMx1A_degsWa_RonpSAfQZCkvy01GcVBaUS-cCOHBXqaYNOyLVLWLBgZ7PtW_h506lpuWHBcxNXDVKUxu4XFsUVKcpPsKpkkxR5u4uFxYAQxFaTVu27PwyMJgJq1Fdt1bX2ck7XlXZmOsAkyohnatHEp-3ppBVZChiYq8mCC4hfZCIngv2b7YU1OsIFEO9YLCRlIhCzIGKsygWFprzaOvmLADA7CAkhFUwoUQuBTURoiUWkCquRxneKpsLiWMwLSkitP5RuvyzNzd19QUpUStJlIrmLoTNI3grG-EJDhngRlfuR-wqbPSd3UJozUUuVVNFLCBuFcDzyRFNqlS4o03Tm8eVXsKLTCwX8A2u8e4D9L6ECxDgV2OYM66d-_yVBgHqTKnoj5TnkMvQj9dSfX7aC5WW9kW03IGfn6FLF503xZ-eeE9p4YLkLYsFHU10kFNiUbEUVw4KfTSTftb2Qskj6YrOHRYI-REoP63-fvULZZlCiRhvRSYjftkvIr8zdJTdB6mOs73hdwU7YJO1B4U9p9CV9FJ2rkZFzaTHH6-THwcCqyB50nq-XJOi8FgYEOHjUGELwU5oHDij_5T1YnLXPg1a43JK3-Abux88RJ9wIJsINXN1vx7A28TIeV4nw4GBfKmXuDagxV3eac9kp63YwyDJeC7Wjznep8NFZthGoJKceT9N9HqB3VthAEBKC5w1Au5JLNdK98a9knhIfSkmpw-iyr3n_3kaLTmux3oraoe7&sai=AMfl-YQQtXR2bxl6gHyBPgUf_u4aXrdAIAakVJ4t8AiOKWUfPWIUoMtV4yE72LaaepnrPQya1slsM0CyoXAEIzd90Lqrp9XPYaW_BaRF02fg7dyV00-OPSzwHukCPXPblp9qodrENzOoyDJQYFYTXSlrEavjbkoQBQ&sig=Cg0ArKJSzKhKHWpH3pe0EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=102&vt=11&dtpt=37&dett=3&cstd=61&cisv=r20210524.71244&adurl=
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 10:06:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
300x250_Ramka.png
s0.2mdn.net/10008955/1620373602480/ Frame 7B97 		987 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10008955/1620373602480/300x250_Ramka.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eda26ca2dee9ce3804b338b9dc870089ee9cea0d6d84c7aa20991e7ada72a1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10008955/1620373602480/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:36:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 07:46:42 GMT
server
sffe
age
66621
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
987
x-xss-protection
0
expires
Mon, 31 May 2021 15:36:34 GMT
300x250_Copy.png
s0.2mdn.net/10008955/1620373602480/ Frame 7B97 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10008955/1620373602480/300x250_Copy.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81af59c9cac3fe443cb641aa46a5a14b55dea0374fe350adec6ab341d389ab85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10008955/1620373602480/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:36:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 07:46:42 GMT
server
sffe
age
66621
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10094
x-xss-protection
0
expires
Mon, 31 May 2021 15:36:34 GMT
300x250_28.png
s0.2mdn.net/10008955/1620373602480/ Frame 7B97 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10008955/1620373602480/300x250_28.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
383f14ceec16b4629b9bcffc4244796ee63de0f32a70eef603cc9c8a00e9f666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10008955/1620373602480/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:36:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 07:46:42 GMT
server
sffe
age
66621
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1862
x-xss-protection
0
expires
Mon, 31 May 2021 15:36:34 GMT
300x250_Nota.png
s0.2mdn.net/10008955/1620373602480/ Frame 7B97 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10008955/1620373602480/300x250_Nota.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3ac569d2e6eef1f853b2e95348d5acc3e23ebb4c5bc860a1f8d7a5ac32bee16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10008955/1620373602480/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:36:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 07:46:42 GMT
server
sffe
age
66621
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1280
x-xss-protection
0
expires
Mon, 31 May 2021 15:36:34 GMT
300x250_Material.png
s0.2mdn.net/10008955/1620373602480/ Frame 7B97 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10008955/1620373602480/300x250_Material.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f6199e8032056ea84b044964a8e2319eb5bd27601825095dab537d4ec3cd96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10008955/1620373602480/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:36:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 07:46:42 GMT
server
sffe
age
66621
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1459
x-xss-protection
0
expires
Mon, 31 May 2021 15:36:34 GMT
300x250_Logo.png
s0.2mdn.net/10008955/1620373602480/ Frame 7B97 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10008955/1620373602480/300x250_Logo.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56b3b0631f9aa8ce20fc17fe0d49609269b676f524c96ce550ea9537560a18f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10008955/1620373602480/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:36:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 07:46:42 GMT
server
sffe
age
66621
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4746
x-xss-protection
0
expires
Mon, 31 May 2021 15:36:34 GMT
300x250_Disclaimer.png
s0.2mdn.net/10008955/1620373602480/ Frame 7B97 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10008955/1620373602480/300x250_Disclaimer.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e9bf4e1d1c9f97be0ecf50f4276a754a0b7826d513efcd9bf542e924cceee25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10008955/1620373602480/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 04:03:18 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 07:46:42 GMT
server
sffe
age
21817
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15151
x-xss-protection
0
expires
Tue, 01 Jun 2021 04:03:18 GMT
300x250_CTA_300.png
s0.2mdn.net/10008955/1620373602480/ Frame 7B97 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10008955/1620373602480/300x250_CTA_300.png
Requested by
Host: b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
URL: https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
178807fafdf9cc477d1e6b6daa9745ba961a6c0ec69075d742d781d19c679331
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10008955/1620373602480/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:36:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 07:46:42 GMT
server
sffe
age
66621
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1867
x-xss-protection
0
expires
Mon, 31 May 2021 15:36:34 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 20A4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOjbw350E3GDQOnNQLrospddrG7QoBBHtBpaFfiUYrMiV_v_XXuaSHuoPe5kQEeFEvmNYd2dlVvQryX3jomO6cHUeT3aUH25QLehQ3dM-KGibahnILdR2QpVTQug&sai=AMfl-YR9VYMY58E_7FzhokAKRqoBDDxjzqYABsYf-MRaaf1XZqpQYgUvrywh_MDwB474MQTIGVgU9cuSO2of2M_yuUwwJnFDKWb8CWrT37wv6oYGofVuChfVmDH3YFw&sig=Cg0ArKJSzInIduzDcsBaEAE&cid=CAASEuRopoBvnnfu3J7L5HiTpQH8MA&id=lidar2&mcvt=1000&p=545,245,795,545&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=145010919&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622455614476&dlt=8&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 46CB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUYsuP7W0YK6cF7GDlQeOyrGICQAAAAA4AeAEAg&bg=!09Cl0JTNAAaMan2LjGo7ACkAdvg8WimSPmeSl3ajU2IPXLUvq1Y3dNbNeCh3O95pi8nCN96Vpj6ZIgIAAACDUgAAAA1oAQeZAorN5CsYbKXc3Ncu61SPNmYbMbuunhogoFC6kO-BSGOcJcqB251YE8I_M-KKnaUYEEq5DpyEmvnubZddCPWsiVrRyDqiUSdQSEGwpwB4zbFf4NTAU1PXjmNLni39wIVkpbggXD2O0K0776zutBJsSdg1GKHe41yG2MPxHrd_Xcdx_bb7bOj1X-nyVMBdpWADsnq2xkBGInOxGmvnk0WywZQ0YdtiMvJPVajj3hKd06xTVV8ehovS6DgB3xXMZH9h9oP1M5oESAXWYTkLZxpT-DRmBk3TsmbKiSHheFUPLKuSdYwAH_uQE680a0-FssT7NolWWqNA3__zNx0g9Rwdni2jsprCjnXp2fpvG_K27WzdxLrCRzgrml2U1X7CG8dY4ksAc08IbBNkB_gWNO2Xe1ork6-vmcZgmzQqOahwYQs_l4_7tATK0SQIyA8M2F9RhpG6Pld521QDllyvu-VlkpHr6jsL95dlZ9ZB-4k81uBvAGV-e6kMgKWJyw_c0XZr6HUgyRMu_ziAF896ZPEa_9oOE_VTeRZ_Tm7xj2dh2x3XBhF8AVEVlJZNV5PG9GhvcbTk29rpary2MdNyWkX7D6WbSoHn7HJRotR-X3jdMsKXeRMjnPQl9Powr6KI8OJjagizO3lsdjHDake1baMj8aQeG38LK4ViCgQel0U6rGOk2Vl9rhzW_oH6tDMo6npaoq-WeEL0qb3Azxe9p-izxvzfPd-3zX1y3rb5W8t9ZIwGDttpy8FWdtiUIGrtVk007sSheLiqVyd5Zb1C_a6OnJdo0r-_P2uJWIwvLc-VAi2iOpR-QbYqm6bNNFAtOyRi35oEHl81Sj6SLQI09R71VEiCKMJjGhl4n7A_VQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tps20246.doubleverify.com/ Frame B35A 		67 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20246.doubleverify.com/event.png?impid=bc2d7de0a4c14975b8ff93b8b697059d&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=93&vdur=161&eoid=6&msrjs=1389&pltfrm=Linux%20x86_64&DVPF_IBV_BUNDLE=&dvp_ndp_sow=1600&dvp_ndp_soh=1200&dvp_ac_version=0506&dvp_ndp6=false&dvp_acifd=1&bsigr=17179869200&isvelg=1&vit=2&engms=1&engisel=1&cbust=1622455615942575
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/30/2021 10:06:56 AM
event.png
tps20235.doubleverify.com/ Frame 5D2C 		67 B
493 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20235.doubleverify.com/event.png?impid=8afd2a22eb06430bba79c19a72f57fc6&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=13&vdur=144&eoid=6&msrjs=1389&pltfrm=Linux%20x86_64&DVPF_IBV_BUNDLE=&dvp_ndp_sow=1600&dvp_ndp_soh=1200&dvp_ac_version=0506&dvp_ndp6=false&dvp_acifd=1&bsigr=17179869200&isvelg=1&vit=2&engms=1&engisel=1&cbust=1622455615991678
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:55 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/30/2021 10:06:56 AM
event.png
tps20246.doubleverify.com/ Frame B35A 		67 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20246.doubleverify.com/event.png?impid=bc2d7de0a4c14975b8ff93b8b697059d&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=8&ismms=41&isumms=40&isvelg=1&nvr=6&isgmmims=41&isgmv4mims=41&elmtp=6&isbxdms=2241&b0=100&b11=2234&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2334&sftb=2334&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1041&isuiabvms=1041&isgmpims=147&isgmv4dpims=1041&ispmxpms=1041&engalms=39&dvp_dpr=1&cbust=1622455616227805
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/30/2021 10:06:56 AM
event.png
tps20246.doubleverify.com/ Frame B35A 		67 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20246.doubleverify.com/event.png?impid=bc2d7de0a4c14975b8ff93b8b697059d&gdpr=&gdpr_consent=&mascid=kpcg6j9ej5u1afhqgq4h3krxlk72mmd2&dvp_masver=1389&eoid=9&cbust=1622455616227239
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/30/2021 10:06:56 AM
event.png
tps20246.doubleverify.com/ Frame B35A 		67 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20246.doubleverify.com/event.png?impid=bc2d7de0a4c14975b8ff93b8b697059d&gdpr=&gdpr_consent=&isbxdms=2441&b11=2434&lftb=2534&sftb=2534&dvp_unl=2486&dvp_noEng=true&eoid=10&cbust=1622455616228415
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/30/2021 10:06:56 AM
event.png
tps20235.doubleverify.com/ Frame 5D2C 		67 B
493 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20235.doubleverify.com/event.png?impid=8afd2a22eb06430bba79c19a72f57fc6&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=8&ismms=13&isumms=12&isvelg=1&nvr=6&elmtp=3&isbxdms=2212&b0=100&b11=2254&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2354&sftb=2354&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1012&isuiabvms=1012&ispmxpms=1012&engalms=11&dvp_dpr=1&cbust=1622455616229711
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:56 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/30/2021 10:06:56 AM
event.png
tps20235.doubleverify.com/ Frame 5D2C 		67 B
493 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20235.doubleverify.com/event.png?impid=8afd2a22eb06430bba79c19a72f57fc6&gdpr=&gdpr_consent=&mascid=kpcg6jr5ysqn3plzhkr6urdg05j54n7g&dvp_masver=1389&eoid=9&cbust=1622455616229570
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:56 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/30/2021 10:06:56 AM
event.png
tps20235.doubleverify.com/ Frame 5D2C 		67 B
493 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20235.doubleverify.com/event.png?impid=8afd2a22eb06430bba79c19a72f57fc6&gdpr=&gdpr_consent=&isbxdms=2312&b11=2354&lftb=2454&sftb=2454&dvp_unl=2407&dvp_noEng=true&eoid=10&cbust=1622455616229986
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:56 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/30/2021 10:06:56 AM
Primary Request Cookie set undefined
jalantikus.com/apps/download/5566/20670/ 		130 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/apps/download/5566/20670/undefined
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/default~apps~games.0954fd43.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
91a84ab481a5cd3650971aead9104d8e12a6ba67c1f3e43c77fc72fd90b33fa6

Request headers

Host
jalantikus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://jalantikus.com/apps/download/5566/20670/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/apps/download/5566/20670/

Response headers

Server
nginx
Date
Mon, 31 May 2021 10:04:50 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Express
Set-Cookie
valid_until=1622466291; Domain=.jalantikus.com; Path=/; Expires=Mon, 31 May 2021 13:04:51 GMT access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek; Domain=.jalantikus.com; Path=/; Expires=Mon, 31 May 2021 13:04:51 GMT
ETag
W/"20979-x1onxxKI5jVlPHQPOExpwgCYePc"
Content-Encoding
gzip
bsevent.gif
tps20519.doubleverify.com/ Frame 4CF2 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20519.doubleverify.com/bsevent.gif?impid=b83878665e7141ea97565adc061594ec&mascid=kpcg6j9ej5u1afhqgq4h3krxlk72mmd2&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=620&cbust=1622455616226514
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:06:55 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
5/30/2021 10:06:56 AM
adview
securepubads.g.doubleclick.net/pagead/ Frame D926 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEVn7P7W0YJfwArzc3wOUiIngCrSawPli3dHj8NwN8C4QASDVx4toYOnkyYXYGqAB37bjtALIAQmpAiflxwyuP5I-qAMBqgSQAk_Quj-jAThk8HvQVAJbOZH3w5Brs5ZLppbjvozKN_8jsW04m0_QWpuMZoFI1LO9gN345sYNnK14AiepXGI7sWV92k3fLXG7q69Z5kVqAktMIf-qixfIRi4Vy593GqjFWFcbWXNDVUgsulE49PxgpNAx93TO5PY5Too4wKZyP8sNPt7e09Yo5AgadtoFTE3RZAjWQKnmWCa7jtgqbuyPs90w30lWP_6cimKpqMw2eztlYi4URMmwwVJt_P4DTN3EFbIw6d7HW7td6regij3fyv1W4oJ_f3nTRty4hoh1cgvsWWCK3jL9nbnqgm-TmtxBkHOcTtnpZLt1GIAuIFdsfr_0Dk_dPKaO-HFl-kWpDLeswATa3rKq1APgBAOIBeLH56sxkgUGCBsQAxgDkgULCCIQAxgDSLmChgGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBkyAB4nJnMsBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RvYBwDyBwoQu7MMGPOMn6gB0ggJCIDhgBAQARgdgAoDyAsBsBO9o84LyBPkmYzdA9gTDYgUBNgUAdAVAYAXAbIXGgoYCAASFHB1Yi01Mzk4OTg5NjgwODQxMjIx&sigh=uV9INxJzN2I&vt=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D926 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHhDz0lzcsZOkuUEqZVs4e3JIEkbUjIIbM_eaoi39qIF5tfcnFeTjSIakeKFk6b6nk9cqANj2nz8-KDdqaSZ4WtEkNOx4mfWoXO7Nnb1GGH28sUhXfCj_4leltTw&sai=AMfl-YRmqh4lL7Vl8VNp8-qJW2hKpYTilYyiABmDanVvAyjSBKltGQmvcF-BoU9xhEnn9ebv6NdnIz6whpJdXLet51gtnztVAGPosw8snR7K22ByR7GNynLs45t5qsI&sig=Cg0ArKJSzNEJRsVD3A_zEAE&cid=CAASEuRo0dApg-9TzQfIVdUrWVYnPQ&id=lidar2&mcvt=1001&p=141,1055,391,1355&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3564718388&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosc=0&eosm=0&rst=1622455615357&dlt=8&rpt=0&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D3FB 		0
0
dc_oe=ChMI3PLDlNbz8AIVNRKLCh1Q3glBEAAYACCozLxIQhMI76yblNbz8AIVFRSLCh2V2Aca;met=1;&timestamp=1622455616689;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;
ade.googlesyndication.com/ddm/activity/ Frame 20A4 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 20A4 		0
0
dc_oe=ChMIvdS-k9bz8AIV-oODBx3CRAkkEAAYACCP9olHQhMIp7ejk9bz8AIVFYaDBx3B2QMd;met=1;&timestamp=1622455616695;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=3;
ade.googlesyndication.com/ddm/activity/ Frame D960 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D960 		0
0
bz
www.facebook.com/ajax/ Frame 5A78 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2977 		0
0
dc_oe=ChMI7rf5lNbz8AIVsUHlCh0OZQyREAAYACC96uNHQhMI14vllNbz8AIVPO53Ch0URAKs;met=1;&timestamp=1622455616716;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;
ade.googlesyndication.com/ddm/activity/ Frame D926 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D926 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4CF2 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4CF2 		0
0
vendor.2ea448fd.chunk.js
jalantikus.com/assets/ 		548 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/vendor.2ea448fd.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
7033c1ee58c73352f6544bbcb2f559e9cabaaa8cbd19142a76a9ecf1848aaab5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"88ff9-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
not-found.7a509e42.chunk.js
jalantikus.com/assets/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/not-found.7a509e42.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
3edefe30c3b2192b197087f5ed5c39bbba20699063b81fd30a6aa4222be008e5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"2ebd-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
client.dd818d4d.js
jalantikus.com/assets/ 		440 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/client.dd818d4d.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
cd12aa5462f9fbcc60d144b717feddff6be69fab664ff5799a9969be95a3911c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"6dee5-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
georgy-scripts.js
jalantikus.com/assets/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/scripts/georgy-scripts.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
1cf506fd3fca5e0656599921ed51776a1aa32723e4b008c57981e82c365f6cb0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"27e6-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
js
www.googletagmanager.com/gtag/ 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-793174195
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7e0eae453b180ab7d4e236f5f396926efa232c83bbd9f4cff42b13b33a96187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34515
x-xss-protection
0
last-modified
Mon, 31 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 May 2021 10:06:57 GMT
jquery.min.js
jalantikus.com/assets/scripts/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/scripts/jquery.min.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"15282-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
lazysizes.min.js
jalantikus.com/assets/scripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/scripts/lazysizes.min.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"1c43-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
jt-lib
api.jalantikus.com/v1/script/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/script/jt-lib
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
46b610a9f8ecb8423642a7dfbd92f0069cf143e4b28c3d0c0e8dcbda9a79724d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
X-Scheme
https
X-Real-IP
37.120.211.116
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Host
api1
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
truepush.min.js
jalantikus.com/assets/scripts/ 		1 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/scripts/truepush.min.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
76688317b3c3634971711154c298d9d93ab26f1e2e7d970356ce2b6fdb3fc126
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"4a2-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
quicklink.umd.js
jalantikus.com/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/scripts/quicklink.umd.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
8c69126babfad07d3771743ca0e2f574b9be1f40ac4ce6c7c3cd7a5be9cda85a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"783-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
gtm.js
www.googletagmanager.com/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WVNL8MB
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec14d7ff03d82c9844f4076d1683d35b85844914a7323552868745a0e602ed90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56956
x-xss-protection
0
last-modified
Mon, 31 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 May 2021 10:06:57 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24156
x-fb-rlafr
0
pragma
public
x-fb-debug
4ICz4pIF3WU9b1MsmAGh/070X2iMJ8tKHmXywWFvHCmHKoGkAorvKju2pPdJO1TgSjgCpSogO6eZzDyWuQpjhA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 31 May 2021 10:06:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
696041037718286
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696041037718286?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
603dd45e77d021c9f286f46775ebd1c3237ba675f908029bb50e2a147ad20ba7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74127
x-fb-rlafr
0
pragma
public
x-fb-debug
ws6xm4NuOE2c6b4w8Zb7MAd//JcRMJR5VGpSkCJywOtgDwkh4erbGta0Y/9CUXmilZxM1URHbYFi+1NpIvJQSA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 31 May 2021 10:06:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46c299242a5d4b158b59c7eff0388a36b10765708113d616f9b3351e04d8bd68

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
9cea38da.png
jalantikus.com/assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jalantikus.com/assets/9cea38da.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
59176b1eedef6fc7abd5c3a4cecd8064709cac3e1e95c8a128fdba79badab3d8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:53 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"143a-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5178
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
337615b213a503699faef8300c56f30a4e46cfac1e3b51fc3828378f7fb61a2c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
8ee1b6db.woff2
jalantikus.com/assets/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/8ee1b6db.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
cdb5194095b67f1ac215f38b213238abe3471fec933455d60d845bb916c30b6a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"5234-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21044
1f58a3d1.woff2
jalantikus.com/assets/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/1f58a3d1.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
9cc1de1a2b2bf6a40d9a0e4d162d6bca439dad8fd6f919b0c9122438559bde70
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:52 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"5b58-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23384
019d1236.woff2
jalantikus.com/assets/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/019d1236.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
1b2a0f287979289861c6bb968278f82f5c071b68f46ef81070ecbb4e3b174a19
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:51 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"c698-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50840
ebe43af1.woff2
jalantikus.com/assets/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/ebe43af1.woff2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
173c86431a9ae30d0874614de56116a230722f630fadbf652c209ce3dc1faaa2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:52 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"cf5c-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53084
a388c6d9.woff
jalantikus.com/assets/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/a388c6d9.woff
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
595235a7e1a5d5ba486e141c01cda5bccac787e66649e82cec5a2c9878a5e80e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://jalantikus.com
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
__gads=ID=5384c93eca468f5b:T=1622455610:S=ALNI_MZUwujQw5jE0bJ2eLkZXw3zmxSXUA; valid_until=1622466291; access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX3Rva2VuIjpmYWxzZSwib2xkX3Rva2VuIjpudWxsLCJ1c2VyX2FnZW50Ijoibm9kZS1mZXRjaFwvMS4wICgraHR0cHM6XC9cL2dpdGh1Yi5jb21cL2JpdGlublwvbm9kZS1mZXRjaCkiLCJnZW5lcmF0ZWQiOjE2MjI0NTU0OTEsImdlbmVyYXRlZF9taWNybyI6IjAuMTAwMDk1MDAgMTYyMjQ1NTQ5MSIsInZhbGlkX3VudGlsIjoxNjIyNDY2MjkxfQ.V4VxGo7eDnRyllxMEu7890p3RtDZdexViuyrpOUgkek
Connection
keep-alive
Origin
https://jalantikus.com
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:52 GMT
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"86b4-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34484
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-793174195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
bb88444ba47283a55e6299fb840a0fbdd9bc36289015e414bfe51d517b113ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14053
x-xss-protection
0
server
cafe
etag
4209742185836358702
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 10:06:57 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVNL8MB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6005
date
Mon, 31 May 2021 08:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 31 May 2021 10:26:52 GMT
hotjar-1771071.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1771071.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVNL8MB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-67.dus51.r.cloudfront.net
Software
/
Resource Hash
584659b4657a2b055ca6360cb6429f1086a7247ef2cdcec01378f3a3b93caeae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
22
etag
W/fbfe0b92f64a609dcf4577efbbf83db8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
DUS51-C1
content-length
1923
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
x-amz-cf-id
9njaColZ1kzMLXcJf_9nUqxEwNR8hqBpN-jqxmnweSHrSi9v9mhZeA==
d1f547c2d48610d1702141a08.js
chimpstatic.com/mcjs-connected/js/users/5ffec75b908e612179aa04b91/ 		50 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/5ffec75b908e612179aa04b91/d1f547c2d48610d1702141a08.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.32.243.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-243-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:06:57 GMT
Last-Modified
Thu, 11 Jun 2020 12:22:15 GMT
Server
AmazonS3
x-amz-request-id
42C421B07B719C09
ETag
"104d46a3208b40e8ded389332f5a78a3"
Content-Type
application/javascript
Cache-Control
max-age=216
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50
x-amz-id-2
xl9FDgyPH4YOeRz0QEfwRz0sEHV13QYMAJdPnXa/IMOdnjGJFZkjeAUqE7bntXRcChJZcNwFmXU=
Expires
Mon, 31 May 2021 10:10:33 GMT
/
www.facebook.com/tr/ 		44 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696041037718286&ev=PageView&dl=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2Fundefined&rl=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&if=false&ts=1622455617133&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622455617132.1831251428&it=1622455617084&coo=false&exp=l0&rqm=GET
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 31 May 2021 10:06:57 GMT
js
www.google-analytics.com/gtm/ 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-PKJVNMN&t=gtm8&cid=1372017405.1622455617
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2465ca0a2bdf7bf188411b084d46900a7dfa349e104da0d25ea292abf1683fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35242
x-xss-protection
0
last-modified
Mon, 31 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 May 2021 10:06:57 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 May 2021 10:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
modules.5a9f57d95ecbb1bf1965.js
script.hotjar.com/ 		219 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5a9f57d95ecbb1bf1965.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1771071.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-112.dus51.r.cloudfront.net
Software
/
Resource Hash
2aaca02e26a6a0624f18176555865824e1adda828dd4e279b041f5d86fcbd897
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 14:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
589912
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
58986
access-control-allow-origin
*
last-modified
Mon, 24 May 2021 14:15:04 GMT
etag
"5ceb8315474bd4c418f908d57285720a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
6tZfVuNTNRCrJ-Q03RmdiqQ0z_vQCr1Eb9PhXqALhCgCp1eQnCPZqw==
publisher:getClientId
ampcid.google.de/v1/ 		3 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 May 2021 10:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/793174195/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/793174195/?random=1622455617191&cv=9&fst=1622455617191&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2Fundefined&ref=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&tiba=Halaman%20Tidak%20Ditemukan%20%7C%20Jalantikus&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b32035628570ab5588a0e4da9ff1cf2b71a2619b0f715376551f34ecf7839b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1074
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=794962435&t=pageview&_s=1&dl=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2Fundefined&ul=en-us&de=UTF-8&dt=Halaman%20Tidak%20Ditemukan%20%7C%20Jalantikus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAQCAC~&jid=1242433508&gjid=1181545399&cid=1372017405.1622455617&tid=UA-56475281-2&_gid=2131249353.1622455617&_r=1&gtm=2wg5q1WVNL8MB&cm1=1&z=653984827
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-56475281-2&cid=1372017405.1622455617&jid=1242433508&gjid=1181545399&_gid=2131249353.1622455617&_u=aGDAAEACQAQCAC~&z=2009825270
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 31 May 2021 10:06:57 GMT
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-56475281-2&cid=1372017405.1622455617&jid=1242433508&_u=aGDAAEACQAQCAC~&z=858870021
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-56475281-2&cid=1372017405.1622455617&jid=1242433508&_u=aGDAAEACQAQCAC~&z=858870021
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/793174195/ 		42 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/793174195/?random=1622455617191&cv=9&fst=1622455200000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2Fundefined&ref=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&tiba=Halaman%20Tidak%20Ditemukan%20%7C%20Jalantikus&async=1&fmt=3&is_vtc=1&random=1349121063&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/793174195/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/793174195/?random=1622455617191&cv=9&fst=1622455200000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2Fundefined&ref=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&tiba=Halaman%20Tidak%20Ditemukan%20%7C%20Jalantikus&async=1&fmt=3&is_vtc=1&random=1349121063&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696041037718286&ev=Microdata&dl=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2Fundefined&rl=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2F&if=false&ts=1622455617635&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Halaman%20Tidak%20Ditemukan%20%7C%20Jalantikus%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A1200%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fjalantikus.com%2F%22%2C%22name%22%3A%22JalanTikus.com%22%2C%22alternateName%22%3A%22JalanTikus%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fjalantikus.com%2Fsearch%2F%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fjalantikus.com%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2FJalanTikus%22%2C%22https%3A%2F%2Finstagram.com%2Fjalantikusid%2F%22%2C%22https%3A%2F%2Fplus.google.com%2F%2BJalantikusID%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2FJalanTikusOfficial%22%2C%22https%3A%2F%2Ftwitter.com%2Fjalantikuscom%22%5D%2C%22name%22%3A%22JalanTikus%22%2C%22logo%22%3A%22https%3A%2F%2Fassets.jalantikus.com%2Fassets%2Fcache%2F0%2F0%2Fuserfiles%2F2015%2F04%2F20%2Fjtlogo.png%22%7D%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1622455617634.172335803&it=1622455617084&coo=false&es=automatic&tm=3&exp=l0&rqm=GET
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:06:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 31 May 2021 10:06:57 GMT
cat~5d36dde6.1825a755.chunk.js
jalantikus.com/assets/default~about~activation~apps~artikel~contact~daftar~eula~facebook~faq~gadgets~games~gokil~gokil/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~about~activation~apps~artikel~contact~daftar~eula~facebook~faq~gadgets~games~gokil~gokil/cat~5d36dde6.1825a755.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
228eaf7ac0921f083a802e6f75bcc18075a961ee7400cb343bf150376fd737ef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
_fbp=fb.1.1622455617634.172335803
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"fd52-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
:category~ha~eb876783.bc2c4d6b.chunk.js
jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/ 		115 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/:category~ha~eb876783.bc2c4d6b.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/client.dd818d4d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
b35ced4ee2b9a3b93761efe1a6fb27aca094b205b00815104f7c912eb9408a46
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
_fbp=fb.1.1622455617634.172335803
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 05:11:03 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"1cac6-1791c099e58"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
data
api.jalantikus.com/v1/component/header/ 		898 B
767 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/header/data?access_token=undefined
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/:category~ha~eb876783.bc2c4d6b.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
0a25726507bd80cf9f87180e90bcd372580f036ad851f2f1b302b3bdb67c709e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:04:53 GMT
X-Scheme
https
X-Real-IP
37.120.211.116
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
notfound
api.jalantikus.com/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/notfound?access_token=undefined
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/default~about~apps~artikel~contact~eula~facebook~faq~gadgets~games~gokil~gokil/category/:category~ha~eb876783.bc2c4d6b.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
c84431e623a1155a7d0a6edd5c9e7668a91684c4a7607b7c0661aa364e0361e3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 10:04:53 GMT
X-Scheme
https
X-Real-IP
37.120.211.116
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
www.google-analytics.com/j/ 		2 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=794962435&t=event&ni=1&_s=1&dl=https%3A%2F%2Fjalantikus.com%2Fapps%2Fdownload%2F5566%2F20670%2Fundefined&ul=en-us&de=UTF-8&dt=Halaman%20Tidak%20Ditemukan%20%7C%20Jalantikus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=404%20Page&ea=Error&el=%2Fapps%2Fdownload%2F5566%2F20670%2Fundefined&_u=aGjAAEADQAQCAC~&jid=1112856603&gjid=433776754&cid=1372017405.1622455617&tid=UA-56475281-2&_gid=1803125767.1622455619&_r=1&gtm=2wg5q1WVNL8MB&z=1663322786
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-56475281-2&cid=1372017405.1622455617&jid=1112856603&gjid=433776754&_gid=1803125767.1622455619&_u=aGjAAEADQAQCAC~&z=1697000061
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 31 May 2021 10:06:59 GMT
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-56475281-2&cid=1372017405.1622455617&jid=1112856603&_u=aGjAAEADQAQCAC~&z=1203309686
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-56475281-2&cid=1372017405.1622455617&jid=1112856603&_u=aGjAAEADQAQCAC~&z=1203309686
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/apps/download/5566/20670/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 10:06:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6bc92316cf9b94564838ba2a15737f8da7279aaae366c47944d51e41f03bbf3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
version.json
sdki.truepush.com/sdk/ 		176 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/version.json
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/scripts/truepush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:2600:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53b432abc7b7bca1b37ea5a8eff17f1cf42c6bfee994afdac382516816eba433

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:21:52 GMT
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 13:02:02 GMT
server
AmazonS3
age
1525509
etag
"1750846158a87898512de997f08483cc"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
176
x-amz-cf-id
wMIR9NXza4Wg7jUv05xe7pxBHWCXlDKLA7jf12nkO64Se1dQpC_l0g==
404-icon.png
jalantikus.com/assets/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jalantikus.com/assets/images/404-icon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.221 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx / Express
Resource Hash
7b94e6b15d529b86645b9d233124605155fee5e0d0548ad4864677518aa9653c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jalantikus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
Cookie
_fbp=fb.1.1622455617634.172335803; _ga=GA1.2.1372017405.1622455617; _gid=GA1.2.1803125767.1622455619; _gat_UA-56475281-2=1
Connection
keep-alive
Referer
https://jalantikus.com/apps/download/5566/20670/undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 10:04:54 GMT
Last-Modified
Thu, 29 Apr 2021 05:09:49 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"3354-1791c087d48"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13140
anak-dono-warkop-2bdc8.jpg
assets.jalantikus.com/assets/cache/255/105/hiburan/2021/05/05/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/255/105/hiburan/2021/05/05/anak-dono-warkop-2bdc8.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
687209794d4e70294429aa29b82426973be192db764358e957c037dd43bdf160
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:24 GMT
Last-Modified
Wed, 26 May 2021 18:03:58 GMT
Server
nginx
Etag
601c9334eb703cf04d964db1aab6d8b7
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
110.137.204.164
tempat-wisata-yang-ditutup-karena-ulah-manusia-banner-9ceb9.jpg
assets.jalantikus.com/assets/cache/255/105/ragam/2021/03/31/ 		64 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/255/105/ragam/2021/03/31/tempat-wisata-yang-ditutup-karena-ulah-manusia-banner-9ceb9.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:24 GMT
Last-Modified
Mon, 24 May 2021 20:48:27 GMT
Server
nginx
Etag
18009bedfc5ec1aacb9eb1d650022c28
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
114.122.228.10
nasib-tkw-indonesia-81c38.jpg
assets.jalantikus.com/assets/cache/255/105/news/2021/05/28/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/255/105/news/2021/05/28/nasib-tkw-indonesia-81c38.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
8567232c5deaa2f9fdbacfe9fd7c2164c143aa39e197fee635058f4b872c2122
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:24 GMT
Last-Modified
Fri, 28 May 2021 20:05:59 GMT
Server
nginx
Etag
31ce4b802b773dfe0118462ad41c2f15
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
140.213.9.19
download-kinemaster-diamond-apk-fa3c3.jpg
assets.jalantikus.com/assets/cache/255/105/tips/2021/02/11/ 		32 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/255/105/tips/2021/02/11/download-kinemaster-diamond-apk-fa3c3.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.237 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 02:04:24 GMT
Last-Modified
Sun, 30 May 2021 11:57:23 GMT
Server
nginx
Etag
9aca4a1383f76bb5336f9668da99a918
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-Real-IP
180.251.144.87
main.js
sdki.truepush.com/sdk/v2.0.3/ 		79 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/v2.0.3/main.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/assets/scripts/truepush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:2600:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42e4b568436b29320d64d25114e0c6681f90282220ce6424bf116d7409397e5c

Request headers

Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 23:26:39 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 12:15:13 GMT
server
AmazonS3
age
729622
etag
"6369b5c5aba753aa8b3a30edadc685f9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
cache-control
max-age=864000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
18730
x-amz-cf-id
NosBVjIJd3T__4kXg6VCN8rtw9BN-YaMwE3cSptHUl3QpzrCPtLm0w==
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame ED47 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1771071.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-56.dus51.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-21ccaa45726c0f3c8c458f7a87eb2298.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jalantikus.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jalantikus.com/

Response headers

content-type
text/html
content-length
1044
date
Thu, 20 May 2021 13:17:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Thu, 20 May 2021 13:16:24 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Z3oJ5yGPV4cn8EUmOJOvfxELjKbZVlqUvyhEEUh--6zzHHkz_aFUTQ==
age
938995

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
um.wbtrk.net
URL
https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEK_9lOMdUqmy-q7mXs_eatU&google_cver=1&google_push=AQvitUKib8SVdz2zq7WyHbXleKThTuzrDU5Kfn-CQBiMx3tPJouUaUy3vNquICm-JDrnJkRpUEQSU0NpwaGJz-ijBD5ylxWGxL0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHI5Vd3bU1tyDFOX2pfH1k9iIYAsIoHmki3O0T969zKBhOalHc9QCZaBvFgSLvfVD6utJP5n5WOi7uAl3H2uPByYXKi5oxznX8TksRXu9_GmibhohhUeJC_0s4OQ&sai=AMfl-YQ1uCehdAWejTk04b6IfwnyQbP0eTEyS3tvxD8Usl_sHEQ-tctb-4vnqNmFNxTbDpUuQfvuPuXxTRdoRd1sR-gknA9r-I7Je-LspiXcoMzNXmobmxnqmXtHLrA&sig=Cg0ArKJSzBIurmTb7_yeEAE&cid=CAASF-RoAiT6ABTPl85amd_Yu7Y-NxbG-Gud&id=ampeos&o=436,276&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=3838&mtos=0,0,3838,3838,3838&tos=0,0,3838,0,0&tfs=111&tls=3949&g=100&h=100&pt=167&tt=3949&rpt=167&rst=1622455612603&r=de&isd=inside&msd=inside&avms=ampa
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3PLDlNbz8AIVNRKLCh1Q3glBEAAYACCozLxIQhMI76yblNbz8AIVFRSLCh2V2Aca;met=1;&timestamp=1622455616689;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOjbw350E3GDQOnNQLrospddrG7QoBBHtBpaFfiUYrMiV_v_XXuaSHuoPe5kQEeFEvmNYd2dlVvQryX3jomO6cHUeT3aUH25QLehQ3dM-KGibahnILdR2QpVTQug&sai=AMfl-YR9VYMY58E_7FzhokAKRqoBDDxjzqYABsYf-MRaaf1XZqpQYgUvrywh_MDwB474MQTIGVgU9cuSO2of2M_yuUwwJnFDKWb8CWrT37wv6oYGofVuChfVmDH3YFw&sig=Cg0ArKJSzInIduzDcsBaEAE&cid=CAASEuRopoBvnnfu3J7L5HiTpQH8MA&id=lidartos&mcvt=2093&p=545,245,795,545&mtos=2093,2093,2093,2093,2093&tos=2093,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=145010919&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosc=0&eosm=0&rst=1622455614476&dlt=8&rpt=1&isd=0&msd=0&r=u&fum=1
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvdS-k9bz8AIV-oODBx3CRAkkEAAYACCP9olHQhMIp7ejk9bz8AIVFYaDBx3B2QMd;met=1;&timestamp=1622455616695;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=3;
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssyVSXJD5V-xFjw2yCpSQ3Z4SltO5SW3tL8ruKtbf06dnvapjTtOSmYn0kx2E4Xy9e0h2q6ND3Ip6Djg9ihk7pSQhFqjl2hp7d5HFuryKwEnOi&sai=AMfl-YTX6-FaNQ_0T6OIr67-lWRUs3puU5KTLB0ytpmVWhhrpV1GInzbN1VONYMYG7FC4zk5SYmtX3on0h-206Bm4AU98f3I8s4AY3BWWTEGk--kNEr9uq5hT7Lm6EU&sig=Cg0ArKJSzBDfh_M-pFPVEAE&cid=CAASEuRo97-lHt5blLBDgCoqQLFxLw&id=lidartos&mcvt=4224&p=935,245,1185,545&asp=935,245,1185,545&mtos=4224,4224,4224,4224,4224&tos=4224,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2333532581&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosc=0&eosm=0&rst=1622455612268&dlt=28&rpt=191&isd=0&lsd=0&msd=0&r=u&fum=1&speed=1
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=0&__csr=&__dyn=7xe6HUO13xy1ryUbFp62-m3i3i2i5U4e1Fx-ewSwMxW0SUhwr83vx60Vqw5SCwSxu0OE2WxO0FE662y0umUS1vw55xS0sy0SU2swdq0Ho2ew2MoG&__hs=18778.PHASED%3Aplugin_default_pkg.2.0.0.0&__hsi=6968393789536139327-0&__req=3&__rev=1003879642&__s=%3A%3Aua9ryu&__sp=1&__user=0&dpr=1&jazoest=22122&locale=en_US&lsd=wNHjxr6nGhdgX6tnvmySgE
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCNOGkHRfa9C7VJJf6tYS_cUYA-2TBIASUDAbqEomFGBX9qIASeIF16bwV79dTye4mdZk9eyUpRkSf3cQ2B4GEs_B9PU28A8LSHix7iXbOrZ0XdsIz5xwkwKvcCw&sai=AMfl-YQPQ7ZdjbHhjjM6nHdcWK-DCouPZ48mqL07dwwrpBszkn4HdSkRPOYzbq6sA_iw65xDsO0h6KJ9N0umMd6oTWpnc_fgWm4v9F6NzQXztB3S3b6MiGP9b7V2BQA&sig=Cg0ArKJSzChM35zvXi8SEAE&cid=CAASF-RozblNijSZGC5niWWSoJCLz7R2BcwX&id=ampeos&o=436,1230&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=2804&mtos=0,0,2804,2804,2804&tos=0,0,2804,0,0&tfs=116&tls=2920&g=100&h=100&pt=246&tt=2920&rpt=246&rst=1622455613670&r=de&isd=inside&msd=inside&avms=ampa
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7rf5lNbz8AIVsUHlCh0OZQyREAAYACC96uNHQhMI14vllNbz8AIVPO53Ch0URAKs;met=1;&timestamp=1622455616716;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHhDz0lzcsZOkuUEqZVs4e3JIEkbUjIIbM_eaoi39qIF5tfcnFeTjSIakeKFk6b6nk9cqANj2nz8-KDdqaSZ4WtEkNOx4mfWoXO7Nnb1GGH28sUhXfCj_4leltTw&sai=AMfl-YRmqh4lL7Vl8VNp8-qJW2hKpYTilYyiABmDanVvAyjSBKltGQmvcF-BoU9xhEnn9ebv6NdnIz6whpJdXLet51gtnztVAGPosw8snR7K22ByR7GNynLs45t5qsI&sig=Cg0ArKJSzNEJRsVD3A_zEAE&cid=CAASEuRo0dApg-9TzQfIVdUrWVYnPQ&id=lidartos&mcvt=1258&p=141,1055,391,1355&mtos=1258,1258,1258,1258,1258&tos=1258,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3564718388&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosc=0&eosm=0&rst=1622455615357&dlt=8&rpt=0&isd=0&msd=0&r=u&fum=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxQwNT46CMVsag4T-6yIrvn6xAW6A0ZVkCk4XlSdNkPgchfES2zNIJgb1G0O5rOfq-gh4_WOO71VHTUB_SUXXV18Cr5Sc1wiceSDWtvFuM9Czu6Hv6HxeLRN3g1w&sai=AMfl-YRy-ylIAQPoOuTULrCHZN_Np7lAH_hTtHQE1U8p7P82_FKv96yIkYK1wP_4_esLxono6n4E3K2FREXAA3GYQ_GUWGuRIKLHGwWMIydM6PPsE724La6hvGtGmqU&sig=Cg0ArKJSzKPVUZs9A0eyEAE&cid=CAASEuRogrlPVsi3YEbDHWJPCr_rWg&id=lidartos&mcvt=3022&p=411,1055,665,1355&mtos=0,3022,3022,3022,3022&tos=0,3022,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=400162579&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosc=0&eosm=0&rst=1622455613073&dlt=8&rpt=1&isd=0&msd=0&r=u&fum=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIQiDqxTWDYLL0Uve-UrMhf_XtR830eZscwYDB_lPqNR8PX9BkGJgBwoOkL71rUJwbdyHmoTHnjRfNVhV7v6OBG1F-u9Jg&sig=Cg0ArKJSzPK-lJZIlLYREAE&id=lidartos&mcvt=3022&p=0,0,250,300&mtos=3022,3022,3022,3022,3022&tos=3022,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3595875760&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosc=0&eosm=0&r=u&fum=1

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| closeAdFooterStick function| isInViewport function| adsLoadFunc function| lazyLoadFunc boolean| isMobile number| inContentSlotId function| generateInContentSlotId undefined| topStickyTimeout function| topStickyFunc object| googletag string| slotTopLeaderboard string| slotBottomSidebar number| SECONDS_TO_WAIT_AFTER_VIEWABILITY function| gtag function| fbq function| _fbq object| article_content object| jt_content object| apps_content object| App object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData object| google_optimize object| $mcSite object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| webpackJsonp object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| truepush object| lazySizes string| BASE_URL object| truepushVersionInfo string| r object| HTTP object| quicklink function| onYouTubeIframeAPIReady undefined| key undefined| browserData undefined| subscription undefined| permissionAllowed undefined| iFrameReference undefined| skipSubscriberReport undefined| subscriberIdCallback boolean| isSubscribed string| optinStatus string| host string| cdnUrl string| imgUrl string| subDomainsHost boolean| fromSubDomain string| EnableHTTPLocalTest string| version string| defaultKey boolean| fromIframe boolean| fromWordpress boolean| fromshopifyDomain boolean| forShopifyCall object| xhttp object| desktopAllowedVersions object| mobileAllowedVersions function| isNotifAllowed function| CheckBrowserCampatability function| isPrivateMode function| truepushSDK function| loadAppJs

4 Cookies

Domain/Path Name / Value
.jalantikus.com/ Name: _gat_UA-56475281-2
Value: 1
.jalantikus.com/ Name: _gid
Value: GA1.2.1803125767.1622455619
.jalantikus.com/ Name: _ga
Value: GA1.2.1372017405.1622455617
.jalantikus.com/ Name: _fbp
Value: fb.1.1622455617634.172335803

5 Console Messages

Source Level URL
Text
console-api info URL: https://api.jalantikus.com/v1/script/jt-lib(Line 5)
Message:
JalanTikus Library loaded
console-api error URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz(Line 56)
Message:
ErrorUtils caught an error: Cannot listen to an undefined element. [Caught in: Tried to listen to element of type click] Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs.
console-api info URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2104130153000 https://jalantikus.com/apps/download/5566/20670/
console-api info URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2104130153000 https://jalantikus.com/apps/download/5566/20670/
console-api info URL: https://api.jalantikus.com/v1/script/jt-lib(Line 5)
Message:
JalanTikus Library loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
ad.atdmt.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
api.jalantikus.com
assets.jalantikus.com
b356a82f818b62a4933b33c04bf2ed4e.safeframe.googlesyndication.com
c1.adform.net
cdn.ampproject.org
cdn.doubleverify.com
cdn3.doubleverify.com
chimpstatic.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
external-frt3-2.xx.fbcdn.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
jalantikus.com
match.adsrvr.org
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
rtb0.doubleverify.com
s0.2mdn.net
scontent-frt3-1.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
script.hotjar.com
sdki.truepush.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.hotjar.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20235.doubleverify.com
tps20246.doubleverify.com
tps20519.doubleverify.com
um.simpli.fi
um.wbtrk.net
ups.analytics.yahoo.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
ade.googlesyndication.com
pagead2.googlesyndication.com
um.wbtrk.net
www.facebook.com
124.155.223.221
124.155.223.225
124.155.223.237
13.226.159.112
13.226.159.56
13.226.159.67
142.250.185.98
142.250.186.70
151.101.14.49
169.50.137.190
172.217.16.130
172.217.23.98
185.29.132.144
185.33.220.240
185.64.190.78
185.86.137.107
193.0.160.128
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.181
213.19.147.44
213.254.244.11
213.254.244.17
216.58.212.162
23.32.243.206
2600:9000:2182:2600:7:6b7b:1000:93a1
2a00:1288:110:c305::8000
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9a
2a02:26f0:10c:49e::4469
2a02:26f0:6c00::210:ba2a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.143.99
3.126.56.137
35.156.106.231
35.186.193.173
35.227.252.103
37.157.3.29
66.155.71.150
69.173.144.139
76.223.111.131
85.114.159.118
03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3
0357a64e201bef361dcbeb405a11adf272d092b1dc1b4b7cbd1f4a1fd82e0436
0480ae8ef362c162397af1420e9ecba06e148d821c5faa43074af26dc4aa97d7
04bb1699b5fb03957a5a790ba42f967b739ce65d8e353f229c6889685f720dfd
07248133a686d33270a509ce988a16bd0af0b14cc680f25321034a27d3c2ae23
0a233fb206bbfca5c2e09ea81430af4a64e7f1fc76649859b0a49bb9cd09f447
0a25726507bd80cf9f87180e90bcd372580f036ad851f2f1b302b3bdb67c709e
0a293f3eaf0553e6984a47a8b22e84083f2ae5d07afdce2906b3ae6a48811ddd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e12d567a48199de2089253e3b38d051475af46c0c215d6fb8b9726978d91944
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1194561301c1f1ae611c2d2adb63bf1d3c6e4e6fa6fddafd0977834027ce6155
119777079cfcc07503b21a1829afcfc374704c9704649aee967191a58743d75c
11d3c19422f3aed2dfb0d718d09bfb98ae6611505bd3cb136ea8efeba4f5444b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
137f53955a4a3415c3b1eb93624ddf1d3276db60e53620328420fbb6a8c2593e
1499f8dc5d7f95426b8fdb938fd6e1d4d956cf8f2c8acc879c8cf076013ecf07
14a4a2ba746fd65156fb7656e9472f6101bcce625ba0991abdaa1204b1ad7364
16e79822d3a9f8a8f6829413d4672987d2036731689971dbc266e4b278c033b1
173c86431a9ae30d0874614de56116a230722f630fadbf652c209ce3dc1faaa2
178807fafdf9cc477d1e6b6daa9745ba961a6c0ec69075d742d781d19c679331
17ec396ddf975db57d3b15f05c3370a3225063eaea7af852933246879369ef06
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
194d069a54e01bfd1418158e53ba415d2197e0c8df612a9aba69854d0f499e2e
1b2a0f287979289861c6bb968278f82f5c071b68f46ef81070ecbb4e3b174a19
1b57dc107cef3e947edac40bf6752135ad3afc772189d7c97d3f09c539768848
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1cf506fd3fca5e0656599921ed51776a1aa32723e4b008c57981e82c365f6cb0
1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1eba3346f184667c0ff98f0de88892f74ce7ca1982442d0c2944c312e4cd421e
1f95e6cfd985a71f23b49669bf804b3cd475fb3ff5b9a07146f1532b1e9ab6f8
21aa4eced80e82bc20d3ed73cc2fdae4e61cf55a1c34182bb874b81e8317890e
221451771e88bdf75991de0306dece6e1c4ac3c2f88c30a57f7b26eb287c49d4
221b1459af8f41252a68775f825c9855f32d94f172c87194501ab5235c65503b
228eaf7ac0921f083a802e6f75bcc18075a961ee7400cb343bf150376fd737ef
237cd96b4985aa1ba2dda2a8d654f210c00d0a6d011e39fee12f25e51208ea67
23f0aae35c94a69857003dd81fefd28754fa250a71ab0a1b03bf50005261aa84
2465ca0a2bdf7bf188411b084d46900a7dfa349e104da0d25ea292abf1683fd1
250cbf968b1de6a4745b709764e82a53375841570b8d009e084f42790c7a83fc
269d2aeb54ca71922b58ac204cd570c2aedf71eccf98ed5c2edf2cc12ba66942
26db2891bd423c1cc00655994d7562f9a72e38ab46bbc716ff0c521339d5f73d
29491d93022eb312a91d5a5c914e606b0fea45683e35d85d8f3758b307814520
29f6199e8032056ea84b044964a8e2319eb5bd27601825095dab537d4ec3cd96
2a03ce730fe57959604712c807c5701ccc859d10dc020164e573be431b4b758a
2a75278ede993e8d1b196d2ccb896191b4e2ece3487fa1e28043a374506646ac
2aaca02e26a6a0624f18176555865824e1adda828dd4e279b041f5d86fcbd897
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ccb0e5d42e6167ccc065c9ab67c61e72a34bba3df465c678ec8dbc5b957f241
2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320
3169ea4653e42f463f679dcee776e06efc33c35227105bd24f796b6e6199412d
337615b213a503699faef8300c56f30a4e46cfac1e3b51fc3828378f7fb61a2c
33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7
383f14ceec16b4629b9bcffc4244796ee63de0f32a70eef603cc9c8a00e9f666
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
3adc52771907bc9687ce800b228a2aa22c57aa8693b02b5e8aae195d4e6fda60
3b330ccb1651ba533bac7f16eb05c3009d986bb722c48d5be13c3055e80746f6
3edefe30c3b2192b197087f5ed5c39bbba20699063b81fd30a6aa4222be008e5
3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714
411b98e9c46d98be93b8ce34a96f01b0985ef7e812f96dfb9c5ef723bd324213
42e4b568436b29320d64d25114e0c6681f90282220ce6424bf116d7409397e5c
440c688ddc4c70abb9dd0380318b78e8c23d4a0cef3b2caec92bfefd1c042e66
46b610a9f8ecb8423642a7dfbd92f0069cf143e4b28c3d0c0e8dcbda9a79724d
46c299242a5d4b158b59c7eff0388a36b10765708113d616f9b3351e04d8bd68
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb0b8d62969db7fec555e0cfdeccae993909daff5c49ac3a4b7b58e3efba08a
4def68342b5b31c55497a9ce159a52ac322a42bbf68698541bcb0dc1a5266672
4e9bf4e1d1c9f97be0ecf50f4276a754a0b7826d513efcd9bf542e924cceee25
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5277325d5b271b5c4e2386adf6a74b7a9671a58c6c271053247ba01579776cac
53b432abc7b7bca1b37ea5a8eff17f1cf42c6bfee994afdac382516816eba433
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5588d0f27de7004c7f4e7bad4481bd85df636b37fb225b9c11f108740162a87a
56b3b0631f9aa8ce20fc17fe0d49609269b676f524c96ce550ea9537560a18f2
578f93ffa4f4bfabc4231039a273babd4049c7c385eb66c2998e4dd247c85076
584659b4657a2b055ca6360cb6429f1086a7247ef2cdcec01378f3a3b93caeae
584b0accadc79e1b7911494b1fa3200666a59fbff926a255428ecd90367f55b3
59176b1eedef6fc7abd5c3a4cecd8064709cac3e1e95c8a128fdba79badab3d8
595235a7e1a5d5ba486e141c01cda5bccac787e66649e82cec5a2c9878a5e80e
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5c99b625a90059af53811d86d9ead4ffa200f25cd6d16601c73ab9ba89495729
5d1312d78dd7e434178dad3ad4b96e2d191351703f2c7f61662d915a54bdc4ea
5df9d312caf6209b5e49a4842c05b32ee2d09cfbd2e33f1f578d2d7427275b30
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
5fa6c2de6e51c36c11282fcdf8bc58c326710301a47cac9a3fc1b5c9582ebf9a
603dd45e77d021c9f286f46775ebd1c3237ba675f908029bb50e2a147ad20ba7
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
64228432f2eecb8e3fa285fd4b46f71a5a8896dc4f9e1a6c56f749217b79d8b5
64486bbff32304c96411157492cb642527e91a8e6b31c7afc22ffbc6f6b923bf
652492fbeb7ad4c7f2cf44d4e7653debb1f2b0600d542ab92d8b7897d682ba06
66c76b125fc3496d8c3682df4a2cbaedd8b20d56967923149bb31de7bd0f6ef7
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
676b08b58a83b85d935259990e459dbb39d53b7709eecb0fa42c8c3b60d17e96
67a58352f8683d1ca5b113fbd1e03ca555aab03f04fa15c1f2a6675fa7f9ca21
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
687209794d4e70294429aa29b82426973be192db764358e957c037dd43bdf160
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b64f5bc28886025d0249793131aab1cf4a02c6b799543e2a74bc8047ead1b41
6c8f15ca48e7d1a113b6a27cd9ec6490df183aa8157c648a0d9a1c81413a1e0a
6d722e0fd0a55fdce5349b24c7c7b894058b2f4ded1e55de380cb84da8f7a561
6d8cd0dfd5d387409a996af662ec466d60d3e68130bad37f4d6516d74fd128a0
6dde8a79580e69b192da122b49b5633ee16d63051eee06eaf6c808b4653bdf4c
7033c1ee58c73352f6544bbcb2f559e9cabaaa8cbd19142a76a9ecf1848aaab5
72052062883433089a1f83541b9ac5a34031cee1bcb1dc27d0aadf57ea34e174
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
75befd9446f7f1cd9e6b1ec31edc4848adafc960a6635339f106e2a7f5092b8b
76688317b3c3634971711154c298d9d93ab26f1e2e7d970356ce2b6fdb3fc126
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
79ac1efa0984c94727fb6d27906e9bcae3265dfc85187f4d56323b1b9d4d6c9e
7b4eb384716e1d76a1fe9012ec485ff36dc1f1c9aa3a8db3f917924bfcfb1d45
7b94e6b15d529b86645b9d233124605155fee5e0d0548ad4864677518aa9653c
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
7c13154be2e4f736960a397be5161723e25f21934ad508e5a7147902227df964
7cc57ae42e3e8a14147e5f7db8e40ea94783e5a838d9fdc99c8b17f2d281be6b
81af59c9cac3fe443cb641aa46a5a14b55dea0374fe350adec6ab341d389ab85
83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc
842c872b3898f5b0e7d31292eebc5442195611e262f59bae3e7d5b63c507e00d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8567232c5deaa2f9fdbacfe9fd7c2164c143aa39e197fee635058f4b872c2122
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
8ad37d331a1b6b1a799cc01474c049a7f46284a51eba350a921385b2c05ad18e
8c69126babfad07d3771743ca0e2f574b9be1f40ac4ce6c7c3cd7a5be9cda85a
8cd9267b8696b28c580df153b5cfd23f4166c2ace32afcd46755e1c097102cbd
8d5ecbf788b59458f6a4466c9885651cb08c936c6b411fd990e19fb59a01d1d0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
8d899fc968449336530c3a3acee69d1375f73ff015abdac04832c0566bfaa996
8f197d07f0dd1f37bb818793abd3bd443f8b1e596668a2cee9c6cff535f49895
8f2fa3512a351635d46ea8ed645035eb1e4bdc31822f75e17e7497caf36ac395
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
90b967ef19bddd6abd96f01b96aba93d3a8ea70ea66bf26c1fe5edefe36750bf
91a84ab481a5cd3650971aead9104d8e12a6ba67c1f3e43c77fc72fd90b33fa6
923405c21e3c3d0731a0cd462e4607a85dbd8e8f92be4bfb0e1a65c9c4340c50
94ba87e291dd9b359fb5338addded345be10063646c3d2d94f8694981984ad93
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
965633fe42721492cfbaf60f35d15e2e8ebb9f65f388c00851c0926b0a2c8a13
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97185c50da5c5ee4fcc5ec6cbd29049d4c9aa40fde32a12bf50c999b1ba6cf16
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cc1de1a2b2bf6a40d9a0e4d162d6bca439dad8fd6f919b0c9122438559bde70
9f0ebe864c7df21c17fbdddf364c37fad6d03016de0ef583fc697979b442d2d3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0021c555840f18e2c0392c1621e766e7bca80600dbac87ba37337e73ffe72d1
a0be26a38f4c076a9bee84f35d0e96c0fd2f23cf2f10e056850249d0b678f3c9
a2ca6a79fa0a79f3547f03b20f44bd3f2ab4374f0d0f9fe623f1e5220e553cc9
a3ac569d2e6eef1f853b2e95348d5acc3e23ebb4c5bc860a1f8d7a5ac32bee16
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abb06a0b1c3e20d177c9487ed38d050957aff6039a3c6fa5dfe1e1b92425ec69
ac952c264716f6b2b5dd7cbd4d34338f919ce25ce13d0d8f333170a3d9b561cc
b084bccf56424e2c46798c98c4660855758741cbab22e992cc743d8f483e39b5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e76b5be2d73eca22ad11ebe8d7300cdd7b9f07ca86d238df6923f1f861007d
b224e00ffd808c54cd772e8cada611e21717655492ab38ec4a6fa0a3c5f7af25
b25035aa09ac461e3e822e9206e4ae48ce81b7a2dc0062e0ca66288a1c630156
b32035628570ab5588a0e4da9ff1cf2b71a2619b0f715376551f34ecf7839b8b
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
b35ced4ee2b9a3b93761efe1a6fb27aca094b205b00815104f7c912eb9408a46
b63ff00ed0aeaf0251b242001f7f4b5787ee14062c7a212c3fb4d57944b284b7
b6b0cae917b7cab30c559158025a1bbd5d2a026aa792934722b30e075abdf65f
b6fe4b47de602589e4fbb5ab2ad6ee79456e6eb231a500f2bcb86a197a79ddff
b84539269ca2629b9be42e7835d07afa3827af813602c4c0b98fa1f2047c98b7
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
bb88444ba47283a55e6299fb840a0fbdd9bc36289015e414bfe51d517b113ac9
bc159f0c404f829a220e57919ab0850d1ee87a0decdb98e586b995aa37d14e4c
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c84431e623a1155a7d0a6edd5c9e7668a91684c4a7607b7c0661aa364e0361e3
c86fb30849621083592a7213bc9fffb74e89da1007adeca50f9e4e20baa00e7d
c9d82f7fa499cfcf79fb47fc1577ae16b2eb24ce1ba683735d704b4f41d5a365
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbc18bfcdb63aa599b390c356eeb1669bc3c89d83e7cbdb89bf14ac8e29a5b4a
cbf68c19281267c0308f43ddd817af6168f4177a996d1a8f9c001fd653e0a721
cc2431ed3e0756ba3e45e68cdecdd2073884c85a85e7d7d3266d902f00a5d6e6
cd12aa5462f9fbcc60d144b717feddff6be69fab664ff5799a9969be95a3911c
cdb5194095b67f1ac215f38b213238abe3471fec933455d60d845bb916c30b6a
cdb52dbd4ff9bd9619f968c33f132742c55aa2b5b72246d3bd44012f1dccb2bb
ce2441c6fb8780a9815d6e5e5285f4e55da5d268147c89faa03cccbcd5d06383
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9d63ab70b969e2fdafdb4f8c6d5feb9432832e1d722d7285d957569327dcb1
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d04b0ed757cc19dbe7aae9f7b3146625479776888fde5ddac26df2fa3388ad01
d071d906213564d0776cc1ebc68de3d29a469af2bc91a24e4ec66899e927c10d
d09f54d072f2734fc8a3c27ab293e06a10f564a6ae5557d17972cf51d68e19af
d12f11ecff0846a9d52ffb877456b3c9c11c8ea2cec42e3c0a8b958c63196f3c
d175d400e6415cd2d5a76e744971ca96e79124b57fe873d184b93837d9dfe681
d29f1dbc4fb51fce8983864f91c4d985575238e8f36b17a434c6ccce9fbf5c4a
d2eeea6b5f6092c8880bc657c2dae0b669e388f19f68c3933ab676b2c7f0dd49
d65a52116e712fafc1840a2ff94f5ad82e583132dc6d3a8fbc4ef3da630ae183
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
d8983c51925e99fdbb858acc411d9f2322426406c4071796a4c250ded6c258da
d8d4a28ce81fdb812a774a1ecdfed0ea43e1f5754623f0a23854e969aaceb4e1
d8d780cf17d57da2e7ff421667a6221a32831b83ffa904c0b480ba5f9c285974
db0e1623804f57a91f35c62d76eb52d079feb4116387eceec465e27a4f43989d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
dfbdf8136c415402793f4dec9ed0776197536e92b710b49989e1655bf34c9c6b
e14d009d5c1e8953832df9e65fc55e5e91d7e7235f632b06cdd12113d334c3f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e57ca03e0c7b84832d0cee4773a90b6724e721d6ed106117eb08e263dfac4be5
e5d85de70bc0d7b51c884e182697034cbd6194315c7d46316ff0eeb2082af543
e6a27c83c2b60d3173b7e82d9d84b1902033c6155fa7173a59561bf489857777
e98f5b6d6dc680a4ce82cad16158580f79b6cb9b08af0857a3d70793ba37bc62
ea5682442991ac1c7cee7ead5f6fd2c4e283bd8488d608d2edd8999f83d16436
eab66b99121d1f77efe0db34f5c6ce02eb3947b7af28761ec13b2f9f9ad933c0
eb383f8b278a2c18a5f14f6c2374a4cb13224a985a1a6907eca9ec882f3a075a
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec05ca405d0d682ad632a5e8fb5a05f817734fa108f07bdbff4afaaf6c8f11b3
ec14d7ff03d82c9844f4076d1683d35b85844914a7323552868745a0e602ed90
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
eda26ca2dee9ce3804b338b9dc870089ee9cea0d6d84c7aa20991e7ada72a1a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef37af64846a7f46caa9146a95ce820e76acea1ea8f1d1472f140174605b9920
f25aebef7c5b576071a6f97559078c0a17f5d3130f2cdb8d74f04872ec8fb333
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f34b25718b86faa5494e26aa9a5a59ebfbe12d64f889ffdf5f2d6fe5eb61f4f8
f3db61a78b19859f1a85bc75b6d83c4e9f3dd105b11dd87cf38e9332d7df3a02
f46276798aa4c8a194549f07115cb1ad5298f6168a6bc5d193f43d5f1e60d315
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f6bc92316cf9b94564838ba2a15737f8da7279aaae366c47944d51e41f03bbf3
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
f7e0eae453b180ab7d4e236f5f396926efa232c83bbd9f4cff42b13b33a96187
f7efacc079a0c96b5cf539936afcd7cdc3650d0e94fa953130cfe2b3183a2479
f8a00dfda0cef8be30c636c39e6a48651788087390ad903a8fac6b29ebd4ab70
fa50447f38e14580ea8bd2047698d6bace11f5631ea3e5980e8a96e5ff3bef38
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
fec3d37f15773a2345f97ba63ef48b3a653d9d3c7b717d5e19c1488fbe2aa072
fed598975a2a336fc6b82f1a97f994c3eb828e2d644b31dba53f7ec581103fde
ff8aaa7ccf820d6062536b13b3be3fe432b46d9b4b8e0cd79856b1b631d211df
fff671abf26395814acb5d68e476c865e15548bb24e9e1b49543cc38560be2d3