pontiarmada.com Open in urlscan Pro
66.84.29.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lazarus.co.zw/index.php/using-joomla/extensions/components/content-component/article-categories/78-demo/slides...
Effective URL:
http://pontiarmada.com/blog/info.html
Submission: On February 17 via api (February 17th 2024, 10:37:24 pm UTC) from US — Scanned from US

Summary HTTP 111 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 15 domains to perform 111 HTTP transactions. The main IP is 66.84.29.14, located in United States and belongs to WEBINT, US. The main domain is pontiarmada.com.

This is the only time pontiarmada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	41.221.145.2 41.221.145.2	36986 (AINET) (AINET)
1	162.215.118.10 162.215.118.10	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	66.84.29.14 66.84.29.14	11989 (WEBINT) (WEBINT)
27	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	23.237.156.34 23.237.156.34	174 (COGENT-174) (COGENT-174)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
2 9	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
26	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2600:141b:1c0... 2600:141b:1c00:f::172c:c9cb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
4	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
3	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.65.166 142.250.65.166	15169 (GOOGLE) (GOOGLE)
2	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2006	15169 (GOOGLE) (GOOGLE)
1	2600:141b:1c0... 2600:141b:1c00:208a::1ec4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.211.246.180 35.211.246.180	() ()
1	2607:f8b0:400... 2607:f8b0:4006:80c::2004	() ()
111	23

1 41.221.145.2 (Zimbabwe)

ASN36986 (AINET, ZW)
PTR: afrihost.ai.co.zw

lazarus.co.zw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.215.118.10 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-215-118-10.unifiedlayer.com

redirect4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.84.29.14 (United States)

ASN11989 (WEBINT, US)
PTR: vmcp124.myhostcenter.com

pontiarmada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.237.156.34 (Chicago, United States)

ASN174 (COGENT-174, US)

phoneky.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:821::2002 (United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:1c00:f::172c:c9cb (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.166 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.2 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:208a::1ec4 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

secure.insightexpressai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.246.180 (None, )

ASN- ()

tps-dn-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	926 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659 www.google.com	71 KB
12	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 ad.doubleclick.net — Cisco Umbrella Rank: 149 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551	206 KB
8	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 580 rtb0.doubleverify.com — Cisco Umbrella Rank: 1079 rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 2817 tps.doubleverify.com — Cisco Umbrella Rank: 629 tps-dn-ue1.doubleverify.com	127 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	111 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	151 KB
1	insightexpressai.com secure.insightexpressai.com — Cisco Umbrella Rank: 2117
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	72 KB
1	phoneky.co.uk phoneky.co.uk — Cisco Umbrella Rank: 670911	92 KB
1	pontiarmada.com pontiarmada.com	3 KB
1	redirect4.xyz redirect4.xyz	476 B
1	lazarus.co.zw lazarus.co.zw	366 B
111	15

	Domain	Requested by
27	pagead2.googlesyndication.com	pontiarmada.com pagead2.googlesyndication.com googleads.g.doubleclick.net lazarus.co.zw ad.doubleclick.net tpc.googlesyndication.com
26	tpc.googlesyndication.com	googleads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	www.googleadservices.com	pontiarmada.com
4	cdn.doubleverify.com	googleads.g.doubleclick.net cdn.doubleverify.com ad.doubleclick.net lazarus.co.zw
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	www.googletagmanager.com	pontiarmada.com www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	tps-dn-ue1.doubleverify.com	googleads.g.doubleclick.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	secure.insightexpressai.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	ad.doubleclick.net	cdn.doubleverify.com
1	rtbc-ue1.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	phoneky.co.uk	pontiarmada.com
1	pontiarmada.com
1	redirect4.xyz
1	lazarus.co.zw
111	24

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
Phoneky.co.uk Sectigo RSA Domain Validation Secure Server CA	`2023-11-06` - `2024-11-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.insightexpressai.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-16` - `2025-01-16`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://pontiarmada.com/blog/info.html
Frame ID: 76CEDCE4B5564638A2A6607B6AAA00BC
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: F39698F24149BE0AFCC61201EDD4939A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3025194257&lmt=1692651616&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&dt=1708209437738&bpp=7&bdt=375&idt=425&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1444428771663&frm=20&pv=2&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=466
Frame ID: A46A4AF148215824D5B3153725B27D91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=9200663831&adk=485043760&adf=854766408&pi=t.ma~as.9200663831&w=1200&fwrn=4&fwrnh=100&lmt=1692651616&rafmt=1&format=1200x280&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708209437745&bpp=2&bdt=382&idt=475&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=487
Frame ID: 6B660FBC90E0C95282122E9A47B3CC60
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=8530361948&adk=4243878374&adf=1525029410&pi=t.ma~as.8530361948&w=1200&fwrn=4&fwrnh=100&lmt=1692651616&rafmt=1&format=1200x280&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708209437747&bpp=1&bdt=384&idt=501&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=518
Frame ID: 1D1E068C2046BB831466B8EB6C2AE5D7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=3224607216&adk=12874412&adf=1839787983&pi=t.ma~as.3224607216&w=300&lmt=1692651616&format=300x250&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&wgl=1&dt=1708209437748&bpp=1&bdt=384&idt=526&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=552
Frame ID: 18FA7CBC56A061376F849EDF7BA7B635
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js
Frame ID: E044F50527F3FD1013A4A38630A97478
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: BF28024188F3FB4629FE4F455CFABDFF
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js
Frame ID: FF994F9761294E23688A1EE11F7EC21C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3915229128ACF1560B1AE6733A811EFF
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js
Frame ID: 3A2BA42FCE0460FBA030CD6C88ACEE89
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 04145A5A40B2AC1B96455CAD94F435EA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5440.js
Frame ID: 2E71C64632601CECE45FD70141E0BEE9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0AB5E9560DFC2E72EB56BDA49CB7560F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F37503CF9620B63008176F807A08E12E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://lazarus.co.zw/index.php/using-joomla/extensions/components/content-component/article-categ... Page URL
http://redirect4.xyz/ Page URL
http://pontiarmada.com/blog/info.html Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

111
Requests

95 %
HTTPS

59 %
IPv6

15
Domains

24
Subdomains

23
IPs

2
Countries

1786 kB
Transfer

4752 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lazarus.co.zw/index.php/using-joomla/extensions/components/content-component/article-categories/78-demo/slides/81-depressed-woman-in-therapy Page URL
http://redirect4.xyz/ Page URL
http://pontiarmada.com/blog/info.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://googleads.g.doubleclick.net/pagead/adview?ai=CDXhtHjXRZdP0EfDxj-8Praet4AG6tdj4dZaVytOcEufNwoeRDhABINXo1EZgyYaAgNyjxBCgAfXrjvkCyAEJqAMByAPLBKoEggJP0AdkRMOyrSka9-997W8WpxgdsdK97mKTiGR9_m5r8Z6s0ZxHRzSefvMeG349JBKpZHgP365Z584JxyZLy7NX03zKh1J-MpMEsDMPJSDHGz9S85MiQZIXBe3uejJiqY8_C1dq-8qpJpbc-odsVmjNcwv9sANn1LiwYUG2tFzxuIWmVinGsPxp_PzeCLJdLbfsZntNXnKD5jlblYfrBvhlq1083n6hBWKPfjsZye1DbOhl0KE86jb6MORE2kDyumuEYTfOYFTlm5ZS-yJPw_aV6MtXd3S7jiTPVMsqm4bGfxOuDFq9sVaBmoODoUsdRUz5d4gxk87RIN5LwiMTkW3GT9PABKPe1MzaBIgFr63Vo06SBQQIBBgBkgUECAUYBKAGLoAH79CyhRioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHBBDUvQvSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYg8OVhrizhAOaCfkBaHR0cHM6Ly9zZWFyY2gueWFob28uY29tL3locy9zZWFyY2g_cD1BdXRvbWF0ZStTT0MrMitTZWN1cml0eStDb21wbGlhbmNlJmhzcGFydD15YWhvbyZoc2ltcD15aHNtLWcxMzdhJmdfYXA9Z2d0MiZ0eXBlPUF1dG9tYXRlU09DMlNlY3VyaXR5Q29tcGxpYW5jZSZndHlwZT0tLW1rdy0tZGMtbXQtNjkwNDQyMTMwNjA5LXMtcHRpZC0tcGdyaWQtMTYxNzU4OTE2Mzg3LWNwZ25pZC0yMTAxMjc2NDMzNS1uLWQtcGwtcG9udGlhcm1hZGEuY29tgAoByAsB2gwQCgoQsML7mM3L445jEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi04ODkxMzAzNzk1NjY4MDU2GAA&sigh=V7kxJFqaxvg&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_0zOK1pgWkjFt5ZbXy4DRVozn34r0hpyMZNckmOefS16agXACkf0S66C1eoxUHzX1IHQejMkwSHjKUou0DAEcuF9tiYz1gaH6YRgB&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7b69c24309268a740000000000000000%22,%222%22:%220xd983ad4395025b780000000000000000%22,%223%22:%220xbc0914ce53f551350000000000000000%22,%224%22:%220xd3190ed5deaae0000000000000000%22,%225%22:%220x38bf8e4014d7af800000000000000000%22},%22debug_key%22:%228976522625236810073%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22790869493%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229261918713036392897%22}&andc=true

Request Chain 58

https://googleads.g.doubleclick.net/pagead/adview?ai=ClOflHjXRZbXgFbrX0_wPwo-r0AKJsqnXbZjqq4_bENvZHhABINXo1EZgyYaAgNyjxBCgAdbCiNQDyAEJqAMByAPLBKoEiwJP0JyACXIQoWN6ITnuek4inbdYDyOv55LBhLHnsjy2rhINECm7H6TlHFTMk75vpf3YYHkR9CoH5mQaXkBgFg4M8TH8WQBTMmdyjSKR7A17Sgftx_9JUxVfh0wMwr9A9xMNcCwtDaUK2hHtBHOjravfmP17q5tqF74w8_Cf0sI5-xMdpw22S78SBxY7M11qrnF-HtfiHfrbB41FnYkZbSUKrTIgspX6xi2hyHyTTOC5tPfuCOeA3mV9L_hhBTsXp0S2NKtDSlX4VtW_Qu3PBeT0VefNUNt5NrjaLFYylxXDYUq-F6HHbuyvpRMEExc1IilBQGKuihmVP2tB3fvFQf7E_f4bbYNhQIFem7zABOKNy_criAXKz-ZSoAYugAeSvfcrqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQ7e4F0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WM6xmYa4s4QDmglKaHR0cHM6Ly9jb21tZXJjaWFsbGF1bmRyaWVzLmNvbS9uZXctYW5kLXVzZWQtY29tbWVyY2lhbC1sYXVuZHJ5LWVxdWlwbWVudC-ACgHICwHaDBAKChCAxM3l0oXn2kISAgEDuBPkA9gTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04ODkxMzAzNzk1NjY4MDU2GAA&sigh=900PAeodOrY&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_6Hl7UWAwkbYHDlkqCytiCPDvg6IGfQ1MR5jZ1aaIbnvVgtJrXKSKcVJvT-ienP2KxSo4AOllfC8OyyzZxUAYnT7_75z-rrGxoyYYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9745a8d4c8519770000000000000000%22,%222%22:%220x4cba774aa13ef0810000000000000000%22,%223%22:%220x8dadb3ec19b899800000000000000000%22,%224%22:%220xf75e176446e86390000000000000000%22,%225%22:%220x1be2089ee7126a3e0000000000000000%22},%22debug_key%22:%22576918803042094120%22,%22debug_reporting%22:true,%22destination%22:%22https://commerciallaundries.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22981606742%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22192494923422510257%22}&andc=true

111 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 81-depressed-woman-in-therapy
lazarus.co.zw/index.php/using-joomla/extensions/components/content-component/article-categories/78-demo/slides/ 66 B
366 B 1212ms
337ms Document
text/html 41.221.145.2
AINET

General

Check archive.org

Show headers Download Go to

Full URL: http://lazarus.co.zw/index.php/using-joomla/extensions/components/content-component/article-categories/78-demo/slides/81-depressed-woman-in-therapy
Protocol: HTTP/1.1
Server: 41.221.145.2 , Zimbabwe, ASN36986 (AINET, ZW),
Reverse DNS: afrihost.ai.co.zw
Software: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 / PHP/5.6.32
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Feb 2024 22:37:16 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.32

GET
H/1.1 200
OK /
redirect4.xyz/ 315 B
476 B 279ms
114ms Document
text/html 162.215.118.10
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://redirect4.xyz/
Protocol: HTTP/1.1
Server: 162.215.118.10 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-118-10.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: http://lazarus.co.zw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 215
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Feb 2024 22:37:17 GMT
Keep-Alive: timeout=5, max=75
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding

GET
H/1.1 200
OK Primary Request info.html Show response
pontiarmada.com/blog/ 2 KB
3 KB 188ms
77ms Document
text/html 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/blog/info.html
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 48928ab499e11fe0a392e8a0396e0b55878a246910b73c4e97ab9c2ac88254a1

Request headers

Referer: http://redirect4.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 2495
Content-Type: text/html
Date: Sat, 17 Feb 2024 22:37:17 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 21 Aug 2023 21:00:16 GMT
Server: Apache

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 236ms
96ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/blog/info.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8614a784198e3a10e429fefb6bb3ec9f1385ceed222d95dd739e2a665273a7cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Origin: http://pontiarmada.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51361
x-xss-protection: 0
server: cafe
etag: 8112186577516823188
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 17 Feb 2024 22:37:17 GMT

GET
H/1.1 200
OK loading_27tbcfnm.gif
phoneky.co.uk/thumbs/screensavers/down/computer/ 92 KB
92 KB 379ms
143ms Image
image/gif 23.237.156.34
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phoneky.co.uk/thumbs/screensavers/down/computer/loading_27tbcfnm.gif
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/blog/info.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 23.237.156.34 Chicago, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: d478ce748755959320de1ce5e61f7640fb25d26ca2263068f1a679ac0cd0c35c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:37:08 GMT
Last-Modified: Thu, 03 Jul 2014 03:31:00 GMT
Server: Microsoft-IIS/8.5
ETag: "b6eade356f96cf1:0"
Content-Type: image/gif
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 93832

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 224ms
84ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107533837-1

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/blog/info.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa219524bec5dbac6bddf664fb727dd504afde28ef3728f6bed884e7bfe2d2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70977
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Feb 2024 22:37:17 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 407 KB
138 KB 253ms
123ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27eb0cc6dadac4a12324039ab083af855f16ce4fcd875af4f1815bee8a437f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141222
x-xss-protection: 0
server: cafe
etag: 3925061195674246435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:37:17 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame F396 9 KB
5 KB 197ms
62ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 19:15:47 GMT
etag: 3890843268177463596
expires: Sat, 02 Mar 2024 19:15:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
82 KB 87ms
86ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HBKKV0FTSN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107533837-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aea2e1772cf148c67dda2c126ac6c60318405774ba18e02c70ccc45ed273e0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 22:37:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 200ms
64ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107533837-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 21:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2736
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 17 Feb 2024 23:51:42 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
170 B 85ms
85ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HBKKV0FTSN&gtm=45je42e0v9109091153za200&_p=1708209437385&gcd=13l3l3l3l1&npa=0&dma=0&cid=1460424016.1708209438&ul=en-us&sr=1600x1200&pscdl=noapi&_eu=AAAI&_s=1&sid=1708209437&sct=1&seg=0&dl=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&dr=http%3A%2F%2Fredirect4.xyz%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=843
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBKKV0FTSN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://pontiarmada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 78ms
76ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1304919117&t=pageview&_s=1&dl=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&dr=http%3A%2F%2Fredirect4.xyz%2F&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=276725697&gjid=857598173&cid=1460424016.1708209438&tid=UA-107533837-1&_gid=964628767.1708209438&_r=1&gtm=457e42e0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=261324453

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://pontiarmada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A46A 193 KB
54 KB 646ms
644ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3025194257&lmt=1692651616&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&dt=1708209437738&bpp=7&bdt=375&idt=425&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1444428771663&frm=20&pv=2&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=466

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f46af233d07c6f39445758123016924c73e166adb9ae80de7b8eb01f2d1e26d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:37:18 GMT
expires: Sat, 17 Feb 2024 22:37:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 98ms
97ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=popup&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/blog/info.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 99ms
97ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=popup&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/blog/info.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B66 131 KB
43 KB 673ms
671ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=9200663831&adk=485043760&adf=854766408&pi=t.ma~as.9200663831&w=1200&fwrn=4&fwrnh=100&lmt=1692651616&rafmt=1&format=1200x280&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708209437745&bpp=2&bdt=382&idt=475&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=487

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9297faf969a6bcca612e209090e4dbab6f45755308c9011f4028f3c3547ec4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:37:18 GMT
expires: Sat, 17 Feb 2024 22:37:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1D1E 129 KB
43 KB 505ms
460ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=8530361948&adk=4243878374&adf=1525029410&pi=t.ma~as.8530361948&w=1200&fwrn=4&fwrnh=100&lmt=1692651616&rafmt=1&format=1200x280&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708209437747&bpp=1&bdt=384&idt=501&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=518

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea4bb59d3e0e8c3318e3877d80d6c3f758c421c3ed4e1acc41a9c489c28718b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44149
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:37:18 GMT
expires: Sat, 17 Feb 2024 22:37:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 18FA 63 KB
24 KB 630ms
619ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=3224607216&adk=12874412&adf=1839787983&pi=t.ma~as.3224607216&w=300&lmt=1692651616&format=300x250&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&wgl=1&dt=1708209437748&bpp=1&bdt=384&idt=526&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=552

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

169dc4452bab78bd3e003bc8aefa9e2b8c46c83d4773ee2a2720d457cd14d7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24694
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:37:18 GMT
expires: Sat, 17 Feb 2024 22:37:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1D1E 4 KB
1 KB 264ms
90ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=8530361948&adk=4243878374&adf=1525029410&pi=t.ma~as.8530361948&w=1200&fwrn=4&fwrnh=100&lmt=1692651616&rafmt=1&format=1200x280&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708209437747&bpp=1&bdt=384&idt=501&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=518

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:31:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:37:18 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1D1E 2 KB
902 B 224ms
87ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 20:51:38 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8328676555880044207/ Frame 1D1E 26 KB
26 KB 260ms
140ms Image
image/jpeg 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8328676555880044207/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d6d17897b01d4329495e9c4e62c3cb3db12bb962d4bf7da0469b36b5620f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 13 Feb 2025 16:05:14 GMT
date: Wed, 14 Feb 2024 16:05:14 GMT
x-content-type-options: nosniff
age: 282725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26695
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 23:59:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17633733429689783853/ Frame 1D1E 13 KB
13 KB 208ms
89ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17633733429689783853/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b6c1f14a26a43c65eb9176df3e71d9b5dc0b95e60f99e9892678f9003fc016a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 13 Feb 2025 20:22:18 GMT
date: Wed, 14 Feb 2024 20:22:18 GMT
x-content-type-options: nosniff
age: 267301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12847
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 23:59:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 1D1E 23 KB
9 KB 155ms
77ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1D1E 3 KB
1 KB 152ms
75ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1D1E 20 KB
8 KB 148ms
72ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 12:56:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1D1E 204 KB
61 KB 70ms
68ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 23:34:25 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 1D1E 36 KB
15 KB 270ms
57ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6B66 14 KB
1 KB 106ms
91ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=9200663831&adk=485043760&adf=854766408&pi=t.ma~as.9200663831&w=1200&fwrn=4&fwrnh=100&lmt=1692651616&rafmt=1&format=1200x280&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708209437745&bpp=2&bdt=382&idt=475&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 20:58:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:37:19 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 165 KB
56 KB 125ms
122ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/reactive_library_fy2021.js?bust=31081233

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb384ac902f437642cb24c5bd54b377736bebb72f569c4efcaa26d209378a3b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57071
x-xss-protection: 0
server: cafe
etag: 13119640020561494870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:37:18 GMT

GET
H2 200 ca-pub-8891303795668056 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 272ms
96ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8891303795668056?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

056285e98c90bb89eeb567912925d20fdc1fae7f665c3f1fcd474491535a39f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kJIEIThG205hy_XNkO-nZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-kJIEIThG205hy_XNkO-nZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsOoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhbo75r46sYxM4sWh3KACzdkc3"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 90 KB
31 KB 140ms
136ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/slotcar_library_fy2021.js?bust=31081233

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2467a7601d8ee0484a2c451d29d45938a3f352699e5b6f767eed4510c98ee5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32105
x-xss-protection: 0
server: cafe
etag: 2092029499630008706
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:37:19 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 18FA 2 KB
1 KB 250ms
73ms Script
application/javascript 2600:141b:1c00:f::172c:c9cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11800497&cmp=31029572&plc=381714476&sid=5760734&dvregion=0&unit=300x250
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=3224607216&adk=12874412&adf=1839787983&pi=t.ma~as.3224607216&w=300&lmt=1692651616&format=300x250&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&wgl=1&dt=1708209437748&bpp=1&bdt=384&idt=526&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=552
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cb Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:37:19 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Dec 2023 15:12:34 GMT
Server: UploadServer
ETag: "a8006a511aee2e57196f5e8bee81dde8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sun, 18 Feb 2024 22:37:19 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 18FA 36 KB
14 KB 169ms
164ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=3224607216&adk=12874412&adf=1839787983&pi=t.ma~as.3224607216&w=300&lmt=1692651616&format=300x250&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&wgl=1&dt=1708209437748&bpp=1&bdt=384&idt=526&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

073e24e12102dcc4146cb7c46e7f312254b3630d54a9fecd3ead8501ec5be30d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14311
x-xss-protection: 0
server: cafe
etag: 18166192812047227676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 20:49:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 18FA 3 KB
1 KB 187ms
183ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 18FA 20 KB
8 KB 194ms
189ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 12:56:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 18FA 204 KB
61 KB 82ms
80ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 23:34:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 18FA 23 KB
9 KB 188ms
184ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 6B66 2 KB
856 B 197ms
197ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 20:51:38 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 6B66 23 KB
9 KB 199ms
190ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 6B66 3 KB
1 KB 204ms
196ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 6B66 20 KB
8 KB 190ms
182ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 12:56:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6B66 204 KB
61 KB 79ms
73ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 23:34:25 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 6B66 36 KB
15 KB 189ms
75ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1268262004692233984/ Frame 6B66 27 KB
27 KB 208ms
205ms Image
image/jpeg 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1268262004692233984/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a5f7a340562bcb9635b5d5f1c4946ecca485fc1173a0a4e6a606a80994639ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 15 Feb 2025 10:00:57 GMT
date: Fri, 16 Feb 2024 10:00:57 GMT
x-content-type-options: nosniff
age: 131782
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27347
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 21:32:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 6B66 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6B66 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1D1E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 585cc2c2a36b768bb36a291e469cf0b4f395b7a1627a5d380a78073970ef433f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D1E 16 KB
16 KB 269ms
63ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 05:33:05 GMT
x-content-type-options: nosniff
age: 234254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 05:33:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D1E 15 KB
15 KB 282ms
78ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:37:10 GMT
x-content-type-options: nosniff
age: 198009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:37:10 GMT

GET
DATA 200
OK truncated
/ Frame 6B66 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f1bd80d82fadbf2aa3c3b12d2788c3e6bb1b1a7a0053b90d86aea7871c0f80a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbs_src_internal125.js Show response
cdn.doubleverify.com/ Frame 18FA 60 KB
20 KB 83ms
83ms Script
application/javascript 2600:141b:1c00:f::172c:c9cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11800497&cmp=31029572&plc=381714476&sid=5760734&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cb Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:37:19 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Dec 2023 15:12:36 GMT
Server: UploadServer
ETag: "8188d451e0a669939fa9ed400c00d127"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19695
Expires: Sun, 16 Feb 2025 22:37:19 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6B66 33 KB
33 KB 244ms
135ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:33:15 GMT
x-content-type-options: nosniff
age: 194644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 16:33:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6B66
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CDXhtHjXRZdP0EfDxj-8Praet4AG6tdj4dZaVytOcEufNwoeRDhABINXo1EZgyYaAgNyjxBCgAfXrjvkCyAEJqAMByAPLBKoEggJP0AdkRMOyrSka9-997W8WpxgdsdK97mKTiGR9_m5r8Z6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7b69c24309268a740000000000000000%22,%222%22:%220xd983ad4395025b780000000000000000%22,%223%22:%220xbc0914...

0
0

237ms
93ms

Fetch
text/css

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7b69c24309268a740000000000000000%22,%222%22:%220xd983ad4395025b780000000000000000%22,%223%22:%220xbc0914ce53f551350000000000000000%22,%224%22:%220xd3190ed5deaae0000000000000000%22,%225%22:%220x38bf8e4014d7af800000000000000000%22},%22debug_key%22:%228976522625236810073%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22790869493%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229261918713036392897%22}&andc=true

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/blog/info.html

Protocol

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x7b69c24309268a740000000000000000","2":"0xd983ad4395025b780000000000000000","3":"0xbc0914ce53f551350000000000000000","4":"0xd3190ed5deaae0000000000000000","5":"0x38bf8e4014d7af800000000000000000"},"debug_key":"8976522625236810073","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["790869493"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"9261918713036392897"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:37:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 22:37:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7b69c24309268a740000000000000000","2":"0xd983ad4395025b780000000000000000","3":"0xbc0914ce53f551350000000000000000","4":"0xd3190ed5deaae0000000000000000","5":"0x38bf8e4014d7af800000000000000000"},"debug_key":"8976522625236810073","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["790869493"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"9261918713036392897"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js Show response
pagead2.googlesyndication.com/bg/ Frame E044 51 KB
19 KB 71ms
70ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19784
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 13:16:11 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 101ms
97ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame BF28 9 KB
4 KB 67ms
66ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 19:15:02 GMT
etag: 3890843268177463596
expires: Sat, 02 Mar 2024 19:15:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWIRf7cT4_WoNQV6W9r6FuSdwZRsPM86rLJ_W_XOJVKWL4rf235t1tTz-99NXGPfcfCeOJv9mjwAJl8-YeLdvsxtMKAPE_YkMHT-MG8W1R5LF9W2K6ZBN2FpdlsZt3NoowMrEIHrA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 107ms
87ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWIRf7cT4_WoNQV6W9r6FuSdwZRsPM86rLJ_W_XOJVKWL4rf235t1tTz-99NXGPfcfCeOJv9mjwAJl8-YeLdvsxtMKAPE_YkMHT-MG8W1R5LF9W2K6ZBN2FpdlsZt3NoowMrEIHrA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjA5NDM5LDQ0OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cDovL3BvbnRpYXJtYWRhLmNvbS9ibG9nL2luZm8uaHRtbCIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee047ee1f21210493f33fb10183bd31d61aec3e2db761e2028aae89346859cb5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4WB3h4WeUqtlhJXMvrDXpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-4WB3h4WeUqtlhJXMvrDXpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KEhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhHo75r46sYxPo-HD8GyMAAAxH-g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 18FA 443 B
577 B 405ms
54ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_321108006794&jsTagObjCallback=__tagObject_callback_321108006794&num=6&ctx=11800497&cmp=31029572&plc=381714476&sid=5760734&advid=&adsrv=&unit=300x250&isdvvid=&uid=321108006794&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=121&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=172&eparams=DC4FC%3Dl9EEATbpTauTauA%40%3FE%3A2C%3E252%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTauA%40%3FE%3A2C%3E252%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=13.20&callbackName=__verify_callback_321108006794
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 4fee621f57d442264f593908a5daecfbb6935b100f173a27f84453d553a8b9ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 22:37:19 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 02/16/2024 22:37:19

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 411ms
94ms Preflight
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 22:37:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1D1E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ClOflHjXRZbXgFbrX0_wPwo-r0AKJsqnXbZjqq4_bENvZHhABINXo1EZgyYaAgNyjxBCgAdbCiNQDyAEJqAMByAPLBKoEiwJP0JyACXIQoWN6ITnuek4inbdYDyOv55LBhLHnsjy2rhINECm...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9745a8d4c8519770000000000000000%22,%222%22:%220x4cba774aa13ef0810000000000000000%22,%223%22:%220x8dadb3e...

0
0

240ms
94ms

Fetch
text/css

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9745a8d4c8519770000000000000000%22,%222%22:%220x4cba774aa13ef0810000000000000000%22,%223%22:%220x8dadb3ec19b899800000000000000000%22,%224%22:%220xf75e176446e86390000000000000000%22,%225%22:%220x1be2089ee7126a3e0000000000000000%22},%22debug_key%22:%22576918803042094120%22,%22debug_reporting%22:true,%22destination%22:%22https://commerciallaundries.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22981606742%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22192494923422510257%22}&andc=true

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/blog/info.html

Protocol

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9745a8d4c8519770000000000000000","2":"0x4cba774aa13ef0810000000000000000","3":"0x8dadb3ec19b899800000000000000000","4":"0xf75e176446e86390000000000000000","5":"0x1be2089ee7126a3e0000000000000000"},"debug_key":"576918803042094120","debug_reporting":true,"destination":"https://commerciallaundries.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["981606742"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"192494923422510257"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:37:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 22:37:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9745a8d4c8519770000000000000000","2":"0x4cba774aa13ef0810000000000000000","3":"0x8dadb3ec19b899800000000000000000","4":"0xf75e176446e86390000000000000000","5":"0x1be2089ee7126a3e0000000000000000"},"debug_key":"576918803042094120","debug_reporting":true,"destination":"https://commerciallaundries.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["981606742"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"192494923422510257"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame BF28 5 KB
767 B 84ms
79ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:31:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:37:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BF28 205 B
520 B 70ms
65ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:50:03 GMT
x-content-type-options: nosniff
age: 168436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 23:50:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BF28 604 B
696 B 70ms
66ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:16:08 GMT
x-content-type-options: nosniff
age: 224471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 08:16:08 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame BF28 15 KB
6 KB 71ms
68ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 22:15:14 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame BF28 22 KB
9 KB 70ms
67ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 22:15:14 GMT

GET
H3 200 QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js Show response
pagead2.googlesyndication.com/bg/ Frame FF99 51 KB
19 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19784
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 13:16:11 GMT

GET
H3 200 AGSKWxVb76RGYk1iNVWeJRKP3bvIJQo5DTKgNu6hY9t4BNNnScOSCscrLHh7AEfmCgvzewuCC-xVIJTj26b4c7ywDIHNuC_ULz9w2SkDHOZTFMLVpJqCGgBQe4QqLOjbeA_6nUdtOk6v7w== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 105ms
104ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVb76RGYk1iNVWeJRKP3bvIJQo5DTKgNu6hY9t4BNNnScOSCscrLHh7AEfmCgvzewuCC-xVIJTj26b4c7ywDIHNuC_ULz9w2SkDHOZTFMLVpJqCGgBQe4QqLOjbeA_6nUdtOk6v7w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjA5NDM5LDY4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHA6Ly9wb250aWFybWFkYS5jb20vYmxvZy9pbmZvLmh0bWwiLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0360b627922f6f22776b8d8cb8621ef0a25e01e54691a6573b4b93bb788e3c61

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yXKf4Dc2JHyRocaPaOiIMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yXKf4Dc2JHyRocaPaOiIMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsCoxSXF4KwhxbCYfxfTeac7TNeB-KLKU6abQFzL8IypFYgfhD9jegHEBhrPmSyAmPHPCyZOIH735SUTz9eXTBJArAHE7yRfMX0D4h0-Hix866azqgCx7vrprKFAvOXMdNY9QBzzfDprChAvZp3BuhqIpwTOYJ0DxE7pM1iDgPhz5gzW30DsUz-DNQaIhXg45r86so5N4MCeRfeYAPDvSS8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 227ms
93ms Preflight
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 22:37:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 3915 14 KB
1 KB 85ms
83ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:01:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:37:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 3915 2 KB
856 B 65ms
65ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 20:51:38 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 3915 23 KB
9 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 3915 3 KB
1 KB 71ms
69ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 3915 20 KB
8 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 12:56:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3915 204 KB
61 KB 75ms
74ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 23:34:25 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 3915 36 KB
15 KB 77ms
77ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 18FA 0
308 B 141ms
45ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=15677268ee2348e99cc69a19e718de93&vfdur=407&cbust=1708209439937276
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Sat, 17 Feb 2024 22:37:20 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-02-16T22:37:20

GET
H2 200 aclk Show response
ad.doubleclick.net/ddm/adj/N5359.3141888WEBHEALTHNETWORK/B31029572.381714476;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];dc_tdv=1;sz=300x250;click=https://adclick.g.doubleclick.net/ Frame 18FA 71 KB
33 KB 262ms
111ms Script
text/javascript 142.250.65.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5359.3141888WEBHEALTHNETWORK/B31029572.381714476;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];dc_tdv=1;sz=300x250;click=https://adclick.g.doubleclick.net/aclk?sa=l&ai=CuWyzHjXRZaqfF9L5zLUP4ZWkqA2xs-H0dbjfvrvUEsmF3N2XDhABINXo1EZgyYaAgNyjxBCgAdKlg68CyAEJqAMByAMCqgSPAk_QQ17J2FS8rBlh2jDdsM3YADytjECtGlB1mbG8mn7dc4Kh5p9qo_J-BUowbwHSpj9lAS0B5bjlWPWc5775nQq5-UeKnpixdAeo_JUdu16Ub7sjv7CaelkheyCp34hEHbH8Mw7G0rV-Z1wqV5e96IwQ0UitNzPiQxJufyeHmnNbXR5CtcPC-7E-ruQ56r0IZCrG_lff4zrI1AirgSpty_SwjwwtXjdGLCMALwp1WUrc290gJO0dVv4wlljmPUxHI1wKN6bjUiODRivMNvgw_neIE7xk3iZg4KlLkB3tObQu47zqMbqs56FyQuCOtnEuiXEMkSiLAiXrpeiVVjLu9VN7JpYXAkJfEnZDeyXo5AjABP_RwNvWBIgF85HEhU6gBhGAB5ba_NABqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAqgH6rGxAqgHmbWxAqgHvrexAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOlj66pqGuLOEA4AKAZgLAcgLAYAMAdoMEAoKEMDk2rLIkunZTRICAQOqDQJVU8gNAdgTA9AVAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIqqabhrizhAMV0jyzAB3hCgnVEAEYASAAEgI3ovD_BwE&num=1&cid=CAQSTwAvHhf_bFQVV1DCaHh92nZnXa8L-PD2qAucJ6G0ibBRgPWw1yEAvZMvQxWmKzTBoacWBl5ypYYSAZrK1N8s_OMA8CorkQMJnQMKER6i5XcYAQ&sig=AOD64_3ZCkKi3QFKdZTWwIkXZV8pfWDwnw&client=ca-pub-8891303795668056&adurl=;ord=370434331;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.166 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f6.1e100.net

Software

cafe /

Resource Hash

2e0945d35769ef9e7c0fcbab2a9522554ae959f1011665f406b64a4e1fa06527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 77ms
77ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HBKKV0FTSN&gtm=45je42e0v9109091153za200&_p=1708209437385&gcd=13l3l3l3l1&npa=0&dma=0&cid=1460424016.1708209438&ul=en-us&sr=1600x1200&pscdl=noapi&_eu=AEII&sid=1708209437&sct=1&seg=0&dl=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&dr=http%3A%2F%2Fredirect4.xyz%2F&dt=&_s=2&tfd=2819
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBKKV0FTSN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://pontiarmada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A2B 51 KB
19 KB 69ms
69ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js

Requested by

Host: lazarus.co.zw
URL: http://lazarus.co.zw/index.php/using-joomla/extensions/components/content-component/article-categories/78-demo/slides/81-depressed-woman-in-therapy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19784
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 13:16:11 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 18FA 204 KB
61 KB 66ms
63ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5359.3141888WEBHEALTHNETWORK/B31029572.381714476;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];dc_tdv=1;sz=300x250;click=https://adclick.g.doubleclick.net/aclk?sa=l&ai=CuWyzHjXRZaqfF9L5zLUP4ZWkqA2xs-H0dbjfvrvUEsmF3N2XDhABINXo1EZgyYaAgNyjxBCgAdKlg68CyAEJqAMByAMCqgSPAk_QQ17J2FS8rBlh2jDdsM3YADytjECtGlB1mbG8mn7dc4Kh5p9qo_J-BUowbwHSpj9lAS0B5bjlWPWc5775nQq5-UeKnpixdAeo_JUdu16Ub7sjv7CaelkheyCp34hEHbH8Mw7G0rV-Z1wqV5e96IwQ0UitNzPiQxJufyeHmnNbXR5CtcPC-7E-ruQ56r0IZCrG_lff4zrI1AirgSpty_SwjwwtXjdGLCMALwp1WUrc290gJO0dVv4wlljmPUxHI1wKN6bjUiODRivMNvgw_neIE7xk3iZg4KlLkB3tObQu47zqMbqs56FyQuCOtnEuiXEMkSiLAiXrpeiVVjLu9VN7JpYXAkJfEnZDeyXo5AjABP_RwNvWBIgF85HEhU6gBhGAB5ba_NABqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAqgH6rGxAqgHmbWxAqgHvrexAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOlj66pqGuLOEA4AKAZgLAcgLAYAMAdoMEAoKEMDk2rLIkunZTRICAQOqDQJVU8gNAdgTA9AVAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIqqabhrizhAMV0jyzAB3hCgnVEAEYASAAEgI3ovD_BwE&num=1&cid=CAQSTwAvHhf_bFQVV1DCaHh92nZnXa8L-PD2qAucJ6G0ibBRgPWw1yEAvZMvQxWmKzTBoacWBl5ypYYSAZrK1N8s_OMA8CorkQMJnQMKER6i5XcYAQ&sig=AOD64_3ZCkKi3QFKdZTWwIkXZV8pfWDwnw&client=ca-pub-8891303795668056&adurl=;ord=370434331;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:40:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 18FA 12 KB
4 KB 79ms
78ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 18FA 0
0 277ms
130ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXwr1-YqUE2VRSNlKuqvwjrcEm7T5a6KWD2NDB015qyM-079Dp3JNTNz14JfTKDN3muZvjjbm_OzNHALtIefQfaG-EuBx43Wd-z2YgBF_DAf1I7WE2kTklnebU_mWMW9iYIAg-ccfMx2oB3yI7_dQhPvJgSQaPOCVLAI97fANZ4UlLaBuRc8AIdxtv0_4E7G7hXcq11z0zYMY&sai=AMfl-YTwRCkaU2BRYWMySpx9K3jnxYVOygjJgv6qsXenqjaPugYVbb-uHvT74nGQZ3xpFjsvLEFJxYT7hFQBURM2eZn4_Dirv_KZz3c8Zg&sig=Cg0ArKJSzCMSw84uPX__EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=5&cbvp=1&cstd=0&cisv=r20240215.30849&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:37:20 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 18FA 9 KB
4 KB 78ms
70ms Script
application/javascript 2600:141b:1c00:f::172c:c9cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=11800497&cmp=31029572&sid=5760734&plc=381714476&num=&adid=&advid=8203402&adsrv=1&region=30&btreg=574052209&btadsrv=doubleclick&crt=185023955&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5359.3141888WEBHEALTHNETWORK/B31029572.381714476;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];dc_tdv=1;sz=300x250;click=https://adclick.g.doubleclick.net/aclk?sa=l&ai=CuWyzHjXRZaqfF9L5zLUP4ZWkqA2xs-H0dbjfvrvUEsmF3N2XDhABINXo1EZgyYaAgNyjxBCgAdKlg68CyAEJqAMByAMCqgSPAk_QQ17J2FS8rBlh2jDdsM3YADytjECtGlB1mbG8mn7dc4Kh5p9qo_J-BUowbwHSpj9lAS0B5bjlWPWc5775nQq5-UeKnpixdAeo_JUdu16Ub7sjv7CaelkheyCp34hEHbH8Mw7G0rV-Z1wqV5e96IwQ0UitNzPiQxJufyeHmnNbXR5CtcPC-7E-ruQ56r0IZCrG_lff4zrI1AirgSpty_SwjwwtXjdGLCMALwp1WUrc290gJO0dVv4wlljmPUxHI1wKN6bjUiODRivMNvgw_neIE7xk3iZg4KlLkB3tObQu47zqMbqs56FyQuCOtnEuiXEMkSiLAiXrpeiVVjLu9VN7JpYXAkJfEnZDeyXo5AjABP_RwNvWBIgF85HEhU6gBhGAB5ba_NABqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAqgH6rGxAqgHmbWxAqgHvrexAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOlj66pqGuLOEA4AKAZgLAcgLAYAMAdoMEAoKEMDk2rLIkunZTRICAQOqDQJVU8gNAdgTA9AVAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIqqabhrizhAMV0jyzAB3hCgnVEAEYASAAEgI3ovD_BwE&num=1&cid=CAQSTwAvHhf_bFQVV1DCaHh92nZnXa8L-PD2qAucJ6G0ibBRgPWw1yEAvZMvQxWmKzTBoacWBl5ypYYSAZrK1N8s_OMA8CorkQMJnQMKER6i5XcYAQ&sig=AOD64_3ZCkKi3QFKdZTWwIkXZV8pfWDwnw&client=ca-pub-8891303795668056&adurl=;ord=370434331;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cb Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0137c21026bfb70d6c38ea2c4bfe12b1ce6d9e9765f061a87afa10e89100e41d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:37:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2024 12:17:38 GMT
Server: UploadServer
ETag: "98a9100cf96e4be6a7f344bd733fdb63"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3637
Expires: Sat, 17 Feb 2024 22:52:20 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 18FA 41 KB
14 KB 70ms
62ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 269665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 19:42:55 GMT

GET
H2 200 7489589563196284896
s0.2mdn.net/simgad/ Frame 18FA 71 KB
72 KB 213ms
68ms Image
image/jpeg 2607:f8b0:4006:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7489589563196284896

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

471933e5034f65073dbefd0c1f5e4367469635296f6ff74a5203c4b58659eaae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 20:14:33 GMT
date: Thu, 15 Feb 2024 20:14:33 GMT
x-content-type-options: nosniff
age: 181367
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72974
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 19:24:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1 200
OK adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame 18FA 0
0 250ms
73ms Image
text/html 2600:141b:1c00:208a::1ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=9692251&siteID=N5359.3141888WEBHEALTHNETWORK&creativeID=185023955&placementID=381714476&rnd=754722657&gdpr=&gdpr_consent=&redir=https://secure.insightexpressai.com/adserver/1pixel.gif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=3224607216&adk=12874412&adf=1839787983&pi=t.ma~as.3224607216&w=300&lmt=1692651616&format=300x250&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&wgl=1&dt=1708209437748&bpp=1&bdt=384&idt=526&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=552
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:208a::1ec4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 18FA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6525ee21d7034f4930cecc3638ec4dd7211667080c435b881a8c83de40c31b9d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B66 42 B
64 B 99ms
97ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuegl_bY7WHZlH-luQ3xPaNwYqdTh_kFHZ_wKnzUjNVdXnkM9N7A6VCwslXe49mTnmZQvJe46sE_Zc_NFb2Q_zR3J3FPAkuwCAc8oFGFAr7tMpP7Q-NfXayANNuHv1-T04d-u9HGjqcHDy0jYk33xkFSp0sl9SPxzE&sai=AMfl-YS4z5p0AA_Prax6SPZ1W_T17M4NlWOnUgpCRPGGz_JrGmLC_5VHm4tYafhksGYW0ySRG2HQayD-uGjPNYtWpvY3WowWJKndGGo4a_3-cCNLf_6HaiN3GNVsQIZb95TTuk9rWEmHEsbmGZ1TIta9&sig=Cg0ArKJSzK_k50ehCEtbEAE&cid=CAQSTgAvHhf_0zOK1pgWkjFt5ZbXy4DRVozn34r0hpyMZNckmOefS16agXACkf0S66C1eoxUHzX1IHQejMkwSHjKUou0DAEcuF9tiYz1gaH6YRgB&id=lidar2&mcvt=1033&p=0,0,280,1200&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=485043760&rs=2&la=1&cr=0&vs=4&r=v&co=414223900&rst=1708209438236&rpt=1069&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0414 38 KB
13 KB 74ms
73ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 145058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 06:19:42 GMT
expires: Sat, 15 Feb 2025 06:19:42 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements5440.js Show response
cdn.doubleverify.com/ Frame 2E71 416 KB
100 KB 82ms
81ms Script
application/javascript 2600:141b:1c00:f::172c:c9cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5440.js
Requested by: Host: lazarus.co.zw
URL: http://lazarus.co.zw/index.php/using-joomla/extensions/components/content-component/article-categories/78-demo/slides/81-depressed-woman-in-therapy
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cb Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3715577017a81981822750d6021cefbf2cf852f29bdb0b054d6496661c6048a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:37:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2024 08:02:46 GMT
Server: UploadServer
ETag: "b35ef464a7d552ff3fdb2e7fab469286"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101476
Expires: Sun, 16 Feb 2025 22:37:20 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0414 39 KB
15 KB 75ms
68ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 21:23:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D1E 42 B
64 B 99ms
98ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucQV9A6wBA42f9nkTcqer14R74tAeoOWpjKzKGzV3_MRgg6Es336jvy89U0ExhOHfzNZkWpPqCTMtpT5lK7d_I-Hczcnpd8DARYh6tfLZUFIpsfV-qJu5mw2xzOclA6hOW7CcUO7VwsHr9W7w5TTqHaxPWpyOZYqbRnlt48hPNmcc1cQtZDncXrtn1GghCwh8t_SJ3yffK86AG6Uts-68RV1QqmpiyZhiA_Zkg-LpUL1DFInS-aURMCo3hhvdKiwLIhia0ZtUmPJhgATdd6lYc49Q6T95ItD11bZu4oHmCFBIsXs4gf7YsvuybgbuyPfdTRaTxeDjU6XO5CbHX9UEk_caLaQCFWuK0mWsM8CFUaj1PEtm8oYRImnOrOJ-ZRhvbvjWFcyfjRMuhV6vePzkTdpj-g7G8QsBKXuiwKJTJLjrCCuuVwdnlJALe-LngYK_eWwq8m5FArDJblr6wY12Pyr36lHkW5XHG3Lqj4cRe2K2it-iRGTDGUOJyYy8EGPWGxjYZQjKswQNE9x8Eosf0mkH-S2k7xTSbJUdk7TrmkRbHRW88x0URMiG1UA_dCIMVZNIUAU9qd_XT4jLruq6hnwVkKOYhrMZKCViqFNmUn4CB8fhcg4zO3DUjaTulOsljKzD3Y0vxhz0sAZYfQThe08Jx_TtkVD2LjfoVbqyGGUuCeSLUKyquJcWRgenIcjro7FEjk8TuqQIUM23zACcF9hyL6iZXIDVClD74p-CNZPv-yvEYNvtXGN17f2_dASFJ-giSRphCbAXxc6DYQW2ihaEJVM-xiw7lm0M4Njk-0FEUj7XT6SRmIx4vZ-dL6BGPcRAQViF7XlbC4Dk3ooXzG009-cLXs1fpbLOZAbecpwprWNMt5eHNeITCZXvFRxcEDYonoRTQvCsG5mqzTWRz7kODtHPGPSV1sB0GXpwGeukUOBOYaW1BBGRziYQ4tU-2PVSaoLRiV8a7coFmYv7VY9F3dpzIpNQaz__7uMtxVLukEq6tg1VKvoNemJphmJnekbfu_Kf6Q3Kgr1sfyD-ue6rXAYeC22ciLPAj6uKIQnFdp75wgM964_iT4Y7vCa4NzinUq4u0KB6X26v3kX97BSykgxa8Gch9hMkxYPyDR1S8nthhA21loXlKQUyX7c4Qct3zre7cJu78muqKWsdnOeA87mpzwvwChdMpd5sw0E4PDSt7sIcNQjVdNvvdTNL3htzw-VsOOhN1_ttynoi2mD2cZOUj5cc2mXrZ8oSTHI7Oq32QqL3-yvtNSDCqla8Cda5OQVxU9Go6-GxO77WhHdrIIcE7R51vELD1l90FRiqCaLM&sai=AMfl-YRva8CDR3W6NyfegxDFPUGv4YkI1N6On6i0cG4yFDIYRQMGVFT0pr971yAtNcBGrIqQAg8f9TBCuyIxKPPzOxZ4Rgopi9NQh8SlotL2L9COALqQ5mOLgxUbZwNUCd6CudhQJ-U_ZxJdDeG2g8VM4FgRZ-nVQgpjfo3ucJA&sig=Cg0ArKJSzFeiVmnMOY1uEAE&cid=CAQSTwAvHhf_6Hl7UWAwkbYHDlkqCytiCPDvg6IGfQ1MR5jZ1aaIbnvVgtJrXKSKcVJvT-ienP2KxSo4AOllfC8OyyzZxUAYnT7_75z-rrGxoyYYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4243878374&rs=2&la=1&cr=0&vs=4&r=v&co=414223900&rst=1708209438266&rpt=1291&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 2E71 1 KB
1 KB 830ms
58ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=182&ttfrms=30&brid=3&brver=121.0.6167.184&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauA%40%3FE%3A2C%3E252%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTauA%40%3FE%3A2C%3E252%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1981&ddur=83&uid=1708209440603514&jsCallback=dvCallback_1708209440603756&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=5440&tgjsver=5440&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8891303795668056%26output%3Dhtml%26h%3D250%26slotname%3D3224607216%26adk%3D12874412%26adf%3D1839787983%26pi%3Dt.ma~as.3224607216%26w%3D300%26lmt%3D1692651616%26format%3D300x250%26url%3Dhttp%253A%252F%252Fpontiarmada.com%252Fblog%252Finfo.html%26wgl%3D1%26dt%3D1708209437748%26bpp%3D1%26bdt%3D384%26idt%3D526%26shv%3Dr20240215%26mjsv%3Dm202402140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1200x280%26nras%3D1%26correlator%3D1444428771663%26frm%3D20%26pv%3D1%26ga_vid%3D1460424016.1708209438%26ga_sid%3D1708209438%26ga_hid%3D1304919117%26ga_fc%3D1%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D650%26ady%3D400%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44808398%252C31081140%252C31081188%252C31081223%252C42532523%252C44798934%252C44809003%252C95322434%252C95324581%252C95325067%252C31081233%252C95324154%252C95324161%252C95324430%26oid%3D2%26pvsid%3D2785051991889539%26tmod%3D131363815%26uas%3D0%26nvt%3D1%26ref%3Dhttp%253A%252F%252Fredirect4.xyz%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26dtd%3D552&fcifrms=10&brh=2&dvp_epl=180&noc=4&nav_pltfrm=Win32&ctx=11800497&cmp=31029572&sid=5760734&plc=381714476&crt=185023955&btreg=574052209&btadsrv=doubleclick&adsrv=1&advid=8203402&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=30&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1407656955.397701&ee_dp_sukv=1407656955.397701&dvp_tukv=276452100705.06&ee_dp_tukv=276452100705.06&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=345004675508&jurtd=1961018210
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5440.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 4891df768efff076d6c1816a643986f4b5a0477333973bcd1e03075319be21d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 22:37:21 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 02/16/2024 22:37:21

GET
H3 200 proxxorad. Show response
fundingchoicesmessages.google.com/f/AGSKWxV6VSIUgau-xtJzGbWZM859MLardfErNdktVqVjRavTh6sqVf5bwHaVcC7CMguClPnjKSKhwfoPsaszf-e3tFJhDoshoQf3TTy90q3tPgBAw4ReggaLoaZR7Wy6TWp-RtruxCf9FMgkFd9cafpjKOadkaLhc... 54 B
110 B 106ms
100ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV6VSIUgau-xtJzGbWZM859MLardfErNdktVqVjRavTh6sqVf5bwHaVcC7CMguClPnjKSKhwfoPsaszf-e3tFJhDoshoQf3TTy90q3tPgBAw4ReggaLoaZR7Wy6TWp-RtruxCf9FMgkFd9cafpjKOadkaLhcm7A7CCi8zbQPv79MJxlsrY9wv3foy41/_/partner_ads_/internal-ad-/syndication/ad.-adsmanager//proxxorad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c54f8d329d66301a9d79aef9c937df8914a3a88ccdce6eb2bf07dee208921728

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uLZ67_uTPlIuxtPQ278SJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-uLZ67_uTPlIuxtPQ278SJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhHo4Fr46sYxM4sW_ZUSYAAHFHuQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 65ms
62ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ff9025f16b428475d5a57e133ec69cfdfa2f26f5edc6ac744cb3d2aa8622d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:51:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30993
x-xss-protection: 0
server: cafe
etag: 5655574714832874877
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:51:20 GMT

POST
H3 204 AGSKWxWslM0xXqXbQfSReKvIKWq5VXQUa7eJM-Bj1W7Iqu2QquLrhe7pUxiYEIN0JvO5la9Syy_CD2yjFQbmydP-T-A_2JOGoZlldgMDlP_cFk00QXQEdYDKvnZeO6LIueKj6UgkMus69w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 221ms
90ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWslM0xXqXbQfSReKvIKWq5VXQUa7eJM-Bj1W7Iqu2QquLrhe7pUxiYEIN0JvO5la9Syy_CD2yjFQbmydP-T-A_2JOGoZlldgMDlP_cFk00QXQEdYDKvnZeO6LIueKj6UgkMus69w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tGOLCHUVkQD1ooflxKB0_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:37:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tGOLCHUVkQD1ooflxKB0_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XAseHVkHZvAj76zjcwAA3cYtA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://pontiarmada.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 18FA 0
0 135ms
131ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXwr1-YqUE2VRSNlKuqvwjrcEm7T5a6KWD2NDB015qyM-079Dp3JNTNz14JfTKDN3muZvjjbm_OzNHALtIefQfaG-EuBx43Wd-z2YgBF_DAf1I7WE2kTklnebU_mWMW9iYIAg-ccfMx2oB3yI7_dQhPvJgSQaPOCVLAI97fANZ4UlLaBuRc8AIdxtv0_4E7G7hXcq11z0zYMY&sai=AMfl-YTwRCkaU2BRYWMySpx9K3jnxYVOygjJgv6qsXenqjaPugYVbb-uHvT74nGQZ3xpFjsvLEFJxYT7hFQBURM2eZn4_Dirv_KZz3c8Zg&sig=Cg0ArKJSzCMSw84uPX__EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=358&vt=11&dtpt=353&dett=2&cstd=0&cisv=r20240215.30849&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:37:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 18FA 0
0 137ms
136ms Fetch
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4DzAHjXRZaqfF9L5zLUP4ZWkqA2xs-H0dbjfvrvUEsmF3N2XDhABINXo1EZgyYaAgNyjxBCgAdKlg68CyAEJqAMByAMCqgSMAk_QQ17J2FS8rBlh2jDdsM3YADytjECtGlB1mbG8mn7dc4Kh5p9qo_J-BUowbwHSpj9lAS0B5bjlWPWc5775nQq5-UeKnpixdAeo_JUdu16Ub7sjv7CaelkheyCp34hEHbH8Mw7G0rV-Z1wqV5e96IwQ0UitNzPiQxJufyeHmnNbXR5CtcPC-7E-ruQ56r0IZCrG_lff4zrI1AirgSpty_SwjwwtXjdGLCMALwp1WUrc290gJO0dVv4wlljmPUxHI1wKN6bjUiODRivMNvgw_neIE7xk3iZg4KlLkB3tObQu47yoM5s-fjTLI3E347H72rHx6Q6BhizFvXMn91N_bqlUCo64448M0iOkkavABP_RwNvWBIgF85HEhU6gBhGAB5ba_NABqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQ0qIe0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WPrqmoa4s4QDgAoByAsB2gwQCgoQwOTassiS6dlNEgIBA9gTA9AVAYAXAbIXHAoaCAASFHB1Yi04ODkxMzAzNzk1NjY4MDU2GAA&sigh=S4HTb_CXPmI&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_bFQVV1DCaHh92nZnXa8L-PD2qAucJ6G0ibBRgPWw1yEAvZMvQxWmKzTBoacWBl5ypYYSAZrK1N8s_OMA8CorkQMJnQMKER6i5XcYAQ&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=3224607216&adk=12874412&adf=1839787983&pi=t.ma~as.3224607216&w=300&lmt=1692651616&format=300x250&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&wgl=1&dt=1708209437748&bpp=1&bdt=384&idt=526&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=552
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 22:37:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 AGSKWxWslM0xXqXbQfSReKvIKWq5VXQUa7eJM-Bj1W7Iqu2QquLrhe7pUxiYEIN0JvO5la9Syy_CD2yjFQbmydP-T-A_2JOGoZlldgMDlP_cFk00QXQEdYDKvnZeO6LIueKj6UgkMus69w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 88ms
87ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWslM0xXqXbQfSReKvIKWq5VXQUa7eJM-Bj1W7Iqu2QquLrhe7pUxiYEIN0JvO5la9Syy_CD2yjFQbmydP-T-A_2JOGoZlldgMDlP_cFk00QXQEdYDKvnZeO6LIueKj6UgkMus69w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0-rVebQjU1a1roWfS1S06g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:37:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0-rVebQjU1a1roWfS1S06g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XAsfHVkHZtAx-1dlxkBAXsYyQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://pontiarmada.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWslM0xXqXbQfSReKvIKWq5VXQUa7eJM-Bj1W7Iqu2QquLrhe7pUxiYEIN0JvO5la9Syy_CD2yjFQbmydP-T-A_2JOGoZlldgMDlP_cFk00QXQEdYDKvnZeO6LIueKj6UgkMus69w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 98ms
97ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWslM0xXqXbQfSReKvIKWq5VXQUa7eJM-Bj1W7Iqu2QquLrhe7pUxiYEIN0JvO5la9Syy_CD2yjFQbmydP-T-A_2JOGoZlldgMDlP_cFk00QXQEdYDKvnZeO6LIueKj6UgkMus69w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GIHBHpnSod3SUDOcT8ad2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:37:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GIHBHpnSod3SUDOcT8ad2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XAsfHVkHZvAgR9z7zACAAUuGRQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://pontiarmada.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWslM0xXqXbQfSReKvIKWq5VXQUa7eJM-Bj1W7Iqu2QquLrhe7pUxiYEIN0JvO5la9Syy_CD2yjFQbmydP-T-A_2JOGoZlldgMDlP_cFk00QXQEdYDKvnZeO6LIueKj6UgkMus69w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 105ms
104ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWslM0xXqXbQfSReKvIKWq5VXQUa7eJM-Bj1W7Iqu2QquLrhe7pUxiYEIN0JvO5la9Syy_CD2yjFQbmydP-T-A_2JOGoZlldgMDlP_cFk00QXQEdYDKvnZeO6LIueKj6UgkMus69w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HzP9cTgA6Xt4ia_g8yzGaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:37:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HzP9cTgA6Xt4ia_g8yzGaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XAsfHVkHZvAitltDxkBAg8YiQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://pontiarmada.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWVgq31hEqkgmFT6HZq19EdYWjaVcRv42YmB6n_mj5HDm90y5wC_p-Rl2SceEmvl2KqoctBRG5W1A6QqiQy7vEZ_b19fTpxyneP4uDHAeM7S0dKf9gRt_4MU_11tY_qSM9EMdE56A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 101ms
100ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWVgq31hEqkgmFT6HZq19EdYWjaVcRv42YmB6n_mj5HDm90y5wC_p-Rl2SceEmvl2KqoctBRG5W1A6QqiQy7vEZ_b19fTpxyneP4uDHAeM7S0dKf9gRt_4MU_11tY_qSM9EMdE56A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjA5NDQxLDQxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovL3BvbnRpYXJtYWRhLmNvbS9ibG9nL2luZm8uaHRtbCIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8ff1c40dbd80037512e9559643e209fc137fb9c44f4f2d010429afb05b76891

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sKrlBpVFGWZQ4wWeFYCUxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-sKrlBpVFGWZQ4wWeFYCUxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhHo6Fr46sYxN4MGviA0YABtZHvQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0414 0
20 B 98ms
96ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BmwEEIDXRZdS0CO2bnboP5M6l-A4AAAAAOAHgBAI&bg=!p6SlpOvNAAZN4L4YbeA7ADQBe5WfOFNrfAZypMPlLhxqFU5s2llxVEwZTBf6OeBfs3K9TjBRjlT8VdDfs-C6X7RohQsYAgAAAupSAAAABGgBB5kC_qJmaaZ5qp80SYV0bZiLW9uiyVoIZMFe6ubYhwFobrV7cO1rmqSPo0xUNWBnBATrMGj5Pqb7WijtlJERrcXCMaEiTRtzsBuqWvhriK9JixZLq0A-2WJYpx9FUFRLOje2PLOFdbH2jmd08hjo72NOZG3G3kGUBi5k8tTBE23jbjOVScPmX1UwPmqFlRMzZopD_LsmeBLLgi1zbAiqGAC2IhmyxBogzNDxvpIB3Qcr2Wv4Yo1TGat0Q0i-Q3CCxwZWKEdqWmkkVvLSA3Ztt-D87otXlhPkL7AVpufMVEaFP5-J-pHXxylWdGmQ9ZMYCinuSSWyhhdMC3BWjCpMGmTLTh-0P6ezEqWSWkO_eG-S90k3QQQIrepbP-7ufmEpBc_ZQOE_po-ZS0hY0j1qVib_CYX2mOSASdngj9lyW44EwlzRdWI7L7L9xxH_8mTxZgXzkt1mGhztC3L0tOL-_ZzD9bPmhpxRFiuEzn6RCkOxT_P6KeeE2TpI_Ky4mdmkUfxpGbM8Pw7HsLh4ZH8WV2GlVtHWs_tkyLo77TNw6JtZQtXBwYSWidVfSXo7fRUmHYW_JEjB5qht2PrhnRlIwd3JOUWHgPTLY9FU5e6e-Npo9OdhtwSqwjQHSvf1o8MDNy-wfTGMXyGQLsp0RZmySm0uDZM2yEVIwq-EU4O5dLjQpMTOUcNoKFieCl1Xvf-pysXkLA6iVIokUJ8Ck6fTaEtHypGPmKkVc_jGbOOi_l6oYtqTf5G8dlVVwP4OWA35kFf6yRF_QJ_K4AimFO9E8FgUfrWZPr2UJw8OqXVfmPAi5z2s6tc_Do9OGm1V_DpCxShgewGe1L68zFMQGUPp9aUzhU3CgwxwziXLvnlQiEtXP6B96d-0pCHw5CQ2818Q-hJUtG7kcwUG2lY3DNgGMxrvkGjHUadgcS98HEgXe9JOkkT9mTSv2DBfN9jNfWC4lXVo7GkWCUkQhJl7tizRqbiVHgf49qVURU0v32VSQ0qChYAb2AMoEqtZlAaeSg8BHbk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content event.jpg
tps-dn-ue1.doubleverify.com/ Frame 2E71 0
116 B 194ms
59ms Image
text/plain 35.211.246.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps-dn-ue1.doubleverify.com/event.jpg?impid=52cbeaedaa8b42a9b3ce2426e239661e&consid=&api=1&rc=true
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=3224607216&adk=12874412&adf=1839787983&pi=t.ma~as.3224607216&w=300&lmt=1692651616&format=300x250&url=http%3A%2F%2Fpontiarmada.com%2Fblog%2Finfo.html&wgl=1&dt=1708209437748&bpp=1&bdt=384&idt=526&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=1444428771663&frm=20&pv=1&ga_vid=1460424016.1708209438&ga_sid=1708209438&ga_hid=1304919117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081188%2C31081223%2C42532523%2C44798934%2C44809003%2C95322434%2C95324581%2C95325067%2C31081233%2C95324154%2C95324161%2C95324430&oid=2&pvsid=2785051991889539&tmod=131363815&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=552
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.211.246.180 -, , ASN (),
Reverse DNS
Software: openresty/1.25.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 17 Feb 2024 22:37:21 GMT
Server: openresty/1.25.3.1

POST
H3 204 AGSKWxUVGQszeaCqeYSZY-nv6flI7MlkD1T0aXqxE7LAjOWoLo7lGCACjen991rckdyKPAbvA_BTJ4kXC_Eqkt0CofcLalqGd60KbTjXhLjvTqLMYDiVtzmbOBfq5M39s7_ZEjUFVZ3h_Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 88ms
87ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUVGQszeaCqeYSZY-nv6flI7MlkD1T0aXqxE7LAjOWoLo7lGCACjen991rckdyKPAbvA_BTJ4kXC_Eqkt0CofcLalqGd60KbTjXhLjvTqLMYDiVtzmbOBfq5M39s7_ZEjUFVZ3h_Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ib9x-TF_X1jh-i7V-w5bwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:37:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ib9x-TF_X1jh-i7V-w5bwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XAsfHVkHZvAgdu3JzABAAOnGOU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://pontiarmada.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWslM0xXqXbQfSReKvIKWq5VXQUa7eJM-Bj1W7Iqu2QquLrhe7pUxiYEIN0JvO5la9Syy_CD2yjFQbmydP-T-A_2JOGoZlldgMDlP_cFk00QXQEdYDKvnZeO6LIueKj6UgkMus69w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 102ms
102ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWslM0xXqXbQfSReKvIKWq5VXQUa7eJM-Bj1W7Iqu2QquLrhe7pUxiYEIN0JvO5la9Syy_CD2yjFQbmydP-T-A_2JOGoZlldgMDlP_cFk00QXQEdYDKvnZeO6LIueKj6UgkMus69w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GmwOgVXutHQgAO8bx2y5iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:37:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GmwOgVXutHQgAO8bx2y5iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XAsfHVkHZvAiwXvZjABAAKWGOg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://pontiarmada.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 105ms
104ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09e40d6d04851d28d9e3ec90328560353a3d1a44dcb6344519a70ac91dee4824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12335
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 18FA 42 B
64 B 102ms
100ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss92kQvkL_5YcUoCwvIvzv7h-CD4sRMgVIE2VqRPm3M_W5xV0mHcJx54aP0XNJyeDFXD8QRHHT-KP0gm1YR_ckzcxtXd4BlymOrUwaJLdo_8-gHm2gxBdCM3Y6mw0o7hbV_O28LKjGlzVNNoGPqHQPtvJachFB4zoY7L_j_aRUMtVhoEakvN_IUHtnOYjZatzpWwmHux2olQM5q7kYV7PyBBsk5sauIpcCOapI2BMG0FdoeQx0XSn_GnPUVyGCAwW2eD8VQzMcz1jWPXtgl9xmTlYLXX1BjbnR6J4zqrlsy6_qcq_PuYesCh5NjqOPVXxLGbWaOAkVAQEiMNwpeWO2wdhNVmU4-iBxjZLnBI7FyaptzTGr6Q1aW73g4di1v8U3lyy6wp9xFei05hqJGVPGZCrX3aZKN1sQjs9OFYM2GvNip8mPzbdx6vY0TmQQ3vQeccvOgHtP_MwSpXQ-iT09lja0stAoSiVvOCiLcl5V3hNuJ7UY3ybqvIrna6u_6U2EMBqtEa0kfZtdiOYtb_hPjI6ybjg7n5Idgiq4ktqyTV2ehUziZtMx2FbtD1r3cyFQwnKdxRlx1hXXgZpdQzc4NOfefGKRaPcPaQjQ3AVuszbkKvsvlmy8SxZOjP8CDWsBIhZqA3HuHyOzaXcKhvwoDH-pn3ds81NxKrxzYBRDmP9shDPb2o5xAvNuq2r5TLvUmyR4LPk_aPi8P8QRRVOQtHqVRKmcRF-h5lv-9nm6dSLOHy_mQNOnyndz13XZexqWaPHg62GnjLYFG2BUuW2MZUStfHuQgJL6iS9XJrM46j0WOs-fzqhkuSqsAGQ7uKl1H9XUl5Z8hHfAhXOV93HTKFQ5k_AhUF-lK_evPqqGtMeWO4aVWYnImO28vPmd9P5fibiszLlUQhXuehxOTzdKdloe0xTi13BC99AqSD9y_hNRvp04S1A7wYIgWL2qK3UxDl6rniQdP7hCw10R2tUJwHsqfLfd3VnSnr8cCwFzFTf6V0b_X0ED7F6AGLAL_6rm6ud1AGA7OwPiYL0Neb4ELupThL8PWXtVegKYt_bVxKIZbveMCAbEmU590Rv0_6sNnO7XESIsOV9YAmnqMaU_ogrWIG6_4HARFS4D18fFhSeyhcmsIDB18qh8thplvSj_TERJN75m9iZXR&sai=AMfl-YQcxGzJPcgndH2ZKKhRCJ2_GFCTojMrWLbyaslI2BGa77_8Uon30m5IJLE3V8EVi96UkZfzzbFBRGBwr8Iirn3Q9uDeuTZOVaCbr0hDkWIMDvWxZAeaL2CZOLoVN3estaIdzMtpS2ZkAjMviCDhFO2bIMZBd6VKkJr44Gs&sig=Cg0ArKJSzC9-V9vuFxQwEAE&cid=CAQSTwAvHhf_bFQVV1DCaHh92nZnXa8L-PD2qAucJ6G0ibBRgPWw1yEAvZMvQxWmKzTBoacWBl5ypYYSAZrK1N8s_OMA8CorkQMJnQMKER6i5XcYAQ&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=12874412&rs=2&la=0&cr=0&vs=4&r=v&co=414224000&rst=1708209438310&rpt=2325&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 18FA 42 B
64 B 100ms
98ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2ZoVv2z1j49cRyG6j4dWQTGevH0W51C19cqFguwCgu2tMrv1_LBrIMLlKVEbCnbmHrZD-QzsGkCL0rM4gUF4htjRLDd19im_-ju5GIXRqKZ0GF8jbRZyp4pjptRiqnh8_QLw7OBbkdOLPIw&sig=Cg0ArKJSzIlJYZyBLFdMEAE&id=lidar2&mcvt=1004&p=0,0,250,300&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&vs=4&r=v&co=414224000&rst=1708209438310&rpt=2328&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:37:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 85ms
79ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 22:37:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0AB5 13 KB
5 KB 65ms
64ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 181805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 20:07:16 GMT
expires: Fri, 14 Feb 2025 20:07:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F375 829 B
1 KB 243ms
84ms Document
text/html 2607:f8b0:4006:80c::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

320e4c977cdd7fb91c8c99b4a5db89bb3b8fb2bcaca203c21f45421d9e979903

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_z0FXQmoRsXAXw3BEe2-LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_z0FXQmoRsXAXw3BEe2-LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:37:22 GMT
expires: Sat, 17 Feb 2024 22:37:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AB5 39 KB
15 KB 74ms
73ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 21:23:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0AB5 0
10 B 65ms
63ms Image
text/plain 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CgwLKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:37:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F375 0
0 97ms
96ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=2785051991889539&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 97ms
96ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=2785051991889539&bg=!v7ylvPPNAAZN4L4YbeA7ADQBe5WfOK8op8OoDKbbOE0SHr5YApsRq-u3mb0W-u1TfDcsj1mB6tiKibUnoJkdfQ4mrVGdAgAAAGtSAAAAA2gBB5kCz1jlWQ-xxLgJJKd0nxH6EWlHJBv6i94a21HB10RwlggtvafsfJutuM6e5RvYAgD2Mq9iHkFt9Bm4W6U41NsePHYOb1dRB6WIMGn13dCa0nG4Cm7ya_d-BbqbxO3Xa7p-YD3zCGL5tIEpcE1pRJkkAIydfOeo3jgpHJhhsGJoLVizgtlmxQKwincNgeCx8VoOW1LKqFG2Ec2VHOw0MkurwW-Ksi_eUwmqReuaDdvRS6FNLsT0dGzcJDHIkfv4PejMzrx7Pl3b85FvqdsZzP43ECQBnun6PUknkoMbjNP__04dIKsk5VGnnejW8xEXtchiZig4fsKRLRquL7AQLJsvrZqD_CdtrjVCwO5Cm246oeSpVqYJge9hE-kWoHtSiWyvWnnlSuiEUavOZZUNPaMQlLNw9O88m0gp43DOiclI-NOgEvQIw7iiPzPHstCkRLhfVAheBTwyO0IrvgC6OFxP59sPaBNoa8o5j5x_J99l53bIEc1QkksgG-MlQABvnXjO7A89UiJF6V85zxWGmXRcROCJTf2_WSS1K8fe4pSLIkTbDv55juYTKOa7MBcRLra2Z66DhfUkUETNI6iZasataaJ4KIb5XR3SvrVflrMtG9OJqsT1kKWCyf9QAio3e_pZ18EnRfqNy96DYEIAklo9rjlht2WSjG7g9u5DZdpEHI9cbU1WCGyT2OsTnp1EA7eth-HEcf2wLWwi9eKKBguUOcH309G9M0lj0BOGJtpKa5WPTjSU2EsC3JHeI9wlEDqqiVNeQtprmxyUnNpXBTVGhf0GLhToN_QqpZMBazQ0TyLVik_QLgAE1PQWOjGxup-_E8uOyLz4rkoAOIm5XzEzN6geDcLnHPMnyszSoLbkWf36WXFgnSH0RHhphG1Ia0fSwUpKrdGBWDP6x9vYUhVOQ3bEaWOfxCPgag1yPv32YoUh5dAXgGhhrLvDsPvptaHE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pontiarmada.com/	1970-01-21 04:06:09	Name: _ga Value: GA1.2.1460424016.1708209438
.pontiarmada.com/	1970-01-20 18:31:35	Name: _gid Value: GA1.2.964628767.1708209438
.pontiarmada.com/	1970-01-20 18:30:09	Name: _gat_gtag_UA_107533837_1 Value: 1
.pontiarmada.com/	1970-01-21 03:51:45	Name: __gads Value: ID=d56bf62f8ec49874:T=1708209438:RT=1708209438:S=ALNI_MYkAf91Ogab2_oUFyXKrxELeVEzSA
.pontiarmada.com/	1970-01-21 03:51:45	Name: __gpi Value: UID=00000dcad557c21e:T=1708209438:RT=1708209438:S=ALNI_MZ3Zpk9Ah4C2UH-Z4Z5ocL0gITDEA
.pontiarmada.com/	1970-01-20 22:49:21	Name: __eoi Value: ID=18d8af22f3ab649d:T=1708209438:RT=1708209438:S=AA-AfjYhPyXeTgDXK2IqIumaZkmH
.doubleclick.net/	1970-01-21 04:06:09	Name: IDE Value: AHWqTUnK_UV17mkKDA7Jr4RikHbwBtE5SRXOvFxKrTPqLOlPybeGSaP0uf1SF_NqBLQ
.googleadservices.com/	1970-01-20 20:39:45	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 22:49:21	Name: APC Value: AfxxVi7hON6pZfykMD9XrrP_PSOhOyIloG7Pf4VoCgcwQ7S_gV4ZTA
.doubleclick.net/	1970-01-20 22:49:21	Name: receive-cookie-deprecation Value: 1
.pontiarmada.com/	1970-01-21 04:06:09	Name: _ga_HBKKV0FTSN Value: GS1.1.1708209437.1.0.1708209440.0.0.0
.insightexpressai.com/	1970-01-21 03:15:45	Name: DW Value: 00000000-0000-000b-73b1-641708209440
.insightexpressai.com/	1970-01-21 03:15:45	Name: TID Value: 00000000-0000-000b-73b1-641708209440
.insightexpressai.com/	1970-01-21 03:15:45	Name: DW_Time Value: 1708209440
.pontiarmada.com/	1970-01-21 03:15:45	Name: FCNEC Value: %5B%5B%22AKsRol_6n1lPbxGXCFZCeqzErZCbbb9pCtb7HbG3Dj1Kq5f8tLYrR-lBLcFUBCl-NPr9ZE4PMylW4BLaa0zUPQoafLa2WZbYG0K3FZJjhY3CkotU4qxdoaT3RX8ekPN1wfTD_W7etDDm5XKa9qMrTw1SVxGA7KUFpw%3D%3D%22%5D%5D

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/blog/info.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.doubleverify.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
lazarus.co.zw
pagead2.googlesyndication.com
phoneky.co.uk
pontiarmada.com
redirect4.xyz
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s0.2mdn.net
secure.insightexpressai.com
tpc.googlesyndication.com
tps-dn-ue1.doubleverify.com
tps.doubleverify.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.65.166
142.251.32.98
142.251.41.2
162.215.118.10
23.237.156.34
2600:141b:1c00:208a::1ec4
2600:141b:1c00:f::172c:c9cb
2607:f8b0:4006:809::2001
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80d::2006
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200e
34.117.228.201
35.211.246.180
41.221.145.2
66.84.29.14
0137c21026bfb70d6c38ea2c4bfe12b1ce6d9e9765f061a87afa10e89100e41d
0360b627922f6f22776b8d8cb8621ef0a25e01e54691a6573b4b93bb788e3c61
056285e98c90bb89eeb567912925d20fdc1fae7f665c3f1fcd474491535a39f3
073e24e12102dcc4146cb7c46e7f312254b3630d54a9fecd3ead8501ec5be30d
09e40d6d04851d28d9e3ec90328560353a3d1a44dcb6344519a70ac91dee4824
0b6c1f14a26a43c65eb9176df3e71d9b5dc0b95e60f99e9892678f9003fc016a
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
0f1bd80d82fadbf2aa3c3b12d2788c3e6bb1b1a7a0053b90d86aea7871c0f80a
169dc4452bab78bd3e003bc8aefa9e2b8c46c83d4773ee2a2720d457cd14d7f3
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
27eb0cc6dadac4a12324039ab083af855f16ce4fcd875af4f1815bee8a437f9f
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2e0945d35769ef9e7c0fcbab2a9522554ae959f1011665f406b64a4e1fa06527
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320e4c977cdd7fb91c8c99b4a5db89bb3b8fb2bcaca203c21f45421d9e979903
3715577017a81981822750d6021cefbf2cf852f29bdb0b054d6496661c6048a5
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
471933e5034f65073dbefd0c1f5e4367469635296f6ff74a5203c4b58659eaae
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4891df768efff076d6c1816a643986f4b5a0477333973bcd1e03075319be21d3
48928ab499e11fe0a392e8a0396e0b55878a246910b73c4e97ab9c2ac88254a1
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fee621f57d442264f593908a5daecfbb6935b100f173a27f84453d553a8b9ca
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585cc2c2a36b768bb36a291e469cf0b4f395b7a1627a5d380a78073970ef433f
5a5f7a340562bcb9635b5d5f1c4946ecca485fc1173a0a4e6a606a80994639ba
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ff9025f16b428475d5a57e133ec69cfdfa2f26f5edc6ac744cb3d2aa8622d18
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6525ee21d7034f4930cecc3638ec4dd7211667080c435b881a8c83de40c31b9d
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
80d6d17897b01d4329495e9c4e62c3cb3db12bb962d4bf7da0469b36b5620f15
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
8614a784198e3a10e429fefb6bb3ec9f1385ceed222d95dd739e2a665273a7cc
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
9297faf969a6bcca612e209090e4dbab6f45755308c9011f4028f3c3547ec4d1
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a
aea2e1772cf148c67dda2c126ac6c60318405774ba18e02c70ccc45ed273e0ab
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c2467a7601d8ee0484a2c451d29d45938a3f352699e5b6f767eed4510c98ee5e
c54f8d329d66301a9d79aef9c937df8914a3a88ccdce6eb2bf07dee208921728
d478ce748755959320de1ce5e61f7640fb25d26ca2263068f1a679ac0cd0c35c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d
e8ff1c40dbd80037512e9559643e209fc137fb9c44f4f2d010429afb05b76891
ea4bb59d3e0e8c3318e3877d80d6c3f758c421c3ed4e1acc41a9c489c28718b9
eb384ac902f437642cb24c5bd54b377736bebb72f569c4efcaa26d209378a3b1
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee047ee1f21210493f33fb10183bd31d61aec3e2db761e2028aae89346859cb5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46af233d07c6f39445758123016924c73e166adb9ae80de7b8eb01f2d1e26d2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa219524bec5dbac6bddf664fb727dd504afde28ef3728f6bed884e7bfe2d2ec

pontiarmada.com Open in urlscan Pro 66.84.29.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

95 %HTTPS

59 %IPv6

15 Domains

24 Subdomains

23 IPs

2 Countries

1786 kBTransfer

4752 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pontiarmada.com Open in urlscan Pro
66.84.29.14 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

95 %
HTTPS

59 %
IPv6

15
Domains

24
Subdomains

23
IPs

2
Countries

1786 kB
Transfer

4752 kB
Size

15
Cookies

111 HTTP transactions
5 data transactions