www.jatimnetwork.com Open in urlscan Pro
52.222.236.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jatimnetwork.com/
Effective URL:
https://www.jatimnetwork.com/
Submission Tags: tranco_l324
Submission: On November 12 via api (November 12th 2021, 5:39:40 am UTC) from DE — Scanned from DE

Summary HTTP 373 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 28 domains to perform 373 HTTP transactions. The main IP is 52.222.236.110, located in United States and belongs to AMAZON-02, US. The main domain is www.jatimnetwork.com.
TLS certificate: Issued by Amazon on July 23rd 2021. Valid for: a year.

This is the only time www.jatimnetwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	13.229.41.106 13.229.41.106	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.110 52.222.236.110	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
88	2600:9000:223... 2600:9000:223e:f200:13:3dcc:7840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	89.187.162.244 89.187.162.244	60068 (CDN77 ^_^) (CDN77 ^_^)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a6::7ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.14 18.66.97.14	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.122 18.66.112.122	16509 (AMAZON-02) (AMAZON-02)
1	44.239.69.74 44.239.69.74	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
19	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
3	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	52.211.22.238 52.211.22.238	16509 (AMAZON-02) (AMAZON-02)
13 21	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
5	74.125.133.154 74.125.133.154	15169 (GOOGLE) (GOOGLE)
5	13.32.121.5 13.32.121.5	16509 (AMAZON-02) (AMAZON-02)
6 9	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	18.156.147.57 18.156.147.57	16509 (AMAZON-02) (AMAZON-02)
2 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
28	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
17	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
12	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
15	52.222.214.4 52.222.214.4	16509 (AMAZON-02) (AMAZON-02)
2	185.86.138.114 185.86.138.114	201081 (SMARTADSE...) (SMARTADSERVER)
8	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
373	41

2 13.229.41.106 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-41-106.ap-southeast-1.compute.amazonaws.com

jatimnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-110.fra56.r.cloudfront.net

www.jatimnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

88 2600:9000:223e:f200:13:3dcc:7840:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.promediateknologi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.162.244 (Singapore, Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-641.bunnyinfra.net

propsid.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a6::7ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

js.rfp.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.14 (United States)

ASN16509 (AMAZON-02, US)

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.122 (United States)

ASN16509 (AMAZON-02, US)

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.69.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-69-74.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.22.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-22-238.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.66 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.15 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.121.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-5.fra60.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.94.180.125 (Amsterdam, Netherlands) 6 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.147.57 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-147-57.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.222.214.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-4.fra56.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	promediateknologi.com assets.promediateknologi.com	1 MB
84	googlesyndication.com pagead2.googlesyndication.com 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com tpc.googlesyndication.com	599 KB
74	doubleclick.net 13 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net bid.g.doubleclick.net googleads4.g.doubleclick.net	534 KB
20	2mdn.net s0.2mdn.net	467 KB
15	trustarc.com choices.trustarc.com	73 KB
9	spotxchange.com 6 redirects sync.search.spotxchange.com	6 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
7	google.com adservice.google.com www.google.com	549 B
6	yahoo.com 2 redirects ads.yahoo.com ups.analytics.yahoo.com	2 KB
6	adnxs.com 4 redirects ib.adnxs.com	6 KB
5	truste.com choices.truste.com	48 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	29 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	openx.net 2 redirects us-u.openx.net	832 B
3	jatimnetwork.com 2 redirects jatimnetwork.com www.jatimnetwork.com	16 KB
2	smartadserver.com rtb-csync.smartadserver.com	326 B
2	teads.tv sync.teads.tv	344 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	adsafeprotected.com pixel.adsafeprotected.com	13 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	google-analytics.com www.google-analytics.com
1	googleadservices.com partner.googleadservices.com	442 B
1	google.de adservice.google.de	792 B
1	googletagmanager.com www.googletagmanager.com	41 KB
1	fout.jp js.rfp.fout.jp	15 KB
1	b-cdn.net propsid.b-cdn.net	4 KB
0	googletagservices.com Failed www.googletagservices.com Failed
373	28

	Domain	Requested by
88	assets.promediateknologi.com	www.jatimnetwork.com assets.promediateknologi.com
47	tpc.googlesyndication.com	1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com www.jatimnetwork.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.jatimnetwork.com 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
23	pagead2.googlesyndication.com	www.jatimnetwork.com pagead2.googlesyndication.com 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com bid.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
21	cm.g.doubleclick.net	13 redirects googleads.g.doubleclick.net
20	s0.2mdn.net	1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com www.jatimnetwork.com s0.2mdn.net
17	googleads4.g.doubleclick.net	bid.g.doubleclick.net www.jatimnetwork.com
15	choices.trustarc.com	choices.truste.com 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
14	1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
9	sync.search.spotxchange.com	6 redirects googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	propsid.b-cdn.net securepubads.g.doubleclick.net www.jatimnetwork.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.google.com	1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
5	choices.truste.com	1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
5	bid.g.doubleclick.net	1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
3	ups.analytics.yahoo.com	2 redirects googleads.g.doubleclick.net
3	pixel.advertising.com	3 redirects
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ads.yahoo.com	googleads.g.doubleclick.net
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.gstatic.com	www.jatimnetwork.com 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
2	fonts.googleapis.com	www.jatimnetwork.com 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
2	jatimnetwork.com	2 redirects
1	pixel.adsafeprotected.com	www.jatimnetwork.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.jatimnetwork.com
1	certify.alexametrics.com	www.jatimnetwork.com
1	certify-js.alexametrics.com	www.jatimnetwork.com
1	www.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	www.jatimnetwork.com
1	js.rfp.fout.jp	www.jatimnetwork.com
1	propsid.b-cdn.net	www.jatimnetwork.com
1	www.jatimnetwork.com
0	www.googletagservices.com Failed	www.jatimnetwork.com 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
373	39

This site contains links to these domains. Also see Links.

Domain
jember.jatimnetwork.com
surabaya.jatimnetwork.com
bondowoso.jatimnetwork.com
lumajang.jatimnetwork.com

Subject Issuer	Validity	Valid
jatimnetwork.com Amazon	`2021-07-23` - `2022-08-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
promediateknologi.com Amazon	`2021-04-19` - `2022-05-18`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.rfp.fout.jp DigiCert SHA2 Secure Server CA	`2021-06-20` - `2022-06-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2021-12-15`	2 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh

This page contains 43 frames:

Primary Page: https://www.jatimnetwork.com/
Frame ID: 8A1A2FDF3D6ABE61318C62C9DCB19554
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: 5EAF3EE192A0BA9E53DF472D47176914
Requests: 1 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8A55F08A37ADE9870668F2B696F8CC5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8400307307701650&output=html&adk=1812271804&adf=3025194257&lmt=1636695570&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jatimnetwork.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636695568622&bpp=2&bdt=1407&idt=1425&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2819588366336&frm=20&pv=2&ga_vid=976217590.1636695570&ga_sid=1636695570&ga_hid=2104125570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432&oid=2&pvsid=3210554376835826&pem=597&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1438
Frame ID: 9FCBECC6171C4690D4117A21D4FCBBDB
Requests: 1 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D323E1E6AF9F0D5D6796CFDEB703B3D4
Requests: 11 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4CF8113022F13BA11A576BB5177AF76C
Requests: 1 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0372A9283895DCC26B33F05AF9831AAA
Requests: 12 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3EB1B28BE4D9CE803501F4B133BCA5E6
Requests: 11 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 69A55EE6EF29AB4400AF39FEF115EF78
Requests: 12 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EE35EC528019BDF507B52D7B087F54C5
Requests: 1 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9FDB48A88E43006B454E00A188E3B8BF
Requests: 12 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9F9F0DC637FCF12875489873E5BB0E32
Requests: 18 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 07456A86C7046E17E4039C86417BB21F
Requests: 18 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 658A6D260A50BB525C5C7E354C8664D9
Requests: 17 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 31C9ED721F0987F02AE1C7CF0EEDE688
Requests: 17 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C141285BF8CC14B0BCF13DABB01DDC0E
Requests: 11 HTTP requests in this frame

Frame: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CFD5D35CBCCEDE7CF41171F427412668
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNViL3zesBqpUY-9Sr3ITWYWPLLHK03ZHMphKDnaAzy_-BPvc-1g58i73IH77HPFFw_5wYCj4SZzvzXVo1Bq-Yo3AIV8Q0PvZ7XrmMOy_VArVjVpkMkHyp00nqitb_omICtOE2d1mdUZzg6c1ywB9Vr6DyDk5oQRLuA8pAUMPu-NM_9r2Z4
Frame ID: BA693C688C66FAE25C4E0ACAFCF49FEA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-TkTtg77tbuAA2ep09FKLr9D7F6ZT0lXwciMev5XiSHg98s6WktRjf18OHGC_SLCdk0GgjcpL0r00piBcFjtsP9icjh4RTHHUxZocDYltM6BVGGtcvVDhEOgQG8R9aqLzo9LpNKxsSNYc3oNHgXe-XCiDyQ&cry=1&dbm_d=AKAmf-AzGxoAn1eCfSQQ8dNUeUvq4H8yWpJwX0JpWnWq3xJGygEaVkYLdC5mJnnRh1ZgHUs-c-QKbuH3rJ24KVXtCwD74q58TGt_NnT42MVJWpJxP3LmOSBF2hx6DPXlSsmDrPI-cvYTctlSl7QfHGaq9KAojWUAUUu_HfSe6IuMmybm-Rk7WqTpY_1EOQAJQv1XLQwQTAIcZksOU-AAwpWLOwqQc7hDmODzI78cry3c0Qg8B_B4HY0909lqWS_pbiS1joeSxLdwIOgEQAfm0MIEU9gUVSUiwLzfzH1_ehVzu1S8KLW_kRRCFVjvf_5MXltZW4sCOjqWD56V8diwQwNZKIZeyF9gecd7u1vns_SxdRIl_yI_0Im19ibIeP4YkoavHqMFg_Ok0W1pkDjXEkTkTLDLYojndPq9yd-JXyTGWWdn7gMzBBqdOYEGiKoxBwRrBCqLI5jCP0-hc_NvEuWhx7wgjRVkbmYjFeW1b1jdABO5nlmYT0vMaskZQQhAVdhJR57HNXhoeb1JKUH6cIAfF1t6B6N3JDTpXdruNKxBG7lx_5aY7TuiqH3JTRC4gtOk8Dcga8aCupgpJMpP8nU67LRAW_Ddmc2TOl8lRfwUmB47-xlyf2ykQjsVaVLFljc8OFpQ-u2c48wdUHlyfIj6KvImXpiE8sWi85x7l37PV_fngxzPaF0eMM8vy7Y_tYvAGIkU31lc4c4ZOg77oigW75Zx5SZHYl6-2xy_qVebdly3FXwzr6gSqmEqqF9c-eNUI-jnfgsUNmHr-Hx9qiR7JxjiG49JUzUEF3ZTatqGUb8r1HChooH8mcxoTcFDe_Z4AMCqYsFXYtHFPYN83TDbVbJY-wRI8W5QSyYgl373Yd_uiKDQeP6dB6IcUrla_iXVLbfYl6B66Zsnt81fOeoZV6tw_fOeaQghDf1AG5fWE-e-YAXSXUFxWZV_55loxQiLFFJlH11YqGMjzDw7X33_5btobUki_7hlkLvlPASg4Z94rXwx41N2RTP14cUuKT4vigKhOzZ7HMfjwXFIu52VZitwrVkGrZgToY9wbl5OcyWIS7S9C1ci52aR8NYhAMuY431vZx8J8TueWIwBVpZNNE8Ju9pbpuv5EHr1mnCF5NHw-3MexDxAE2y3B_qCz7liOOqNzoAr-m5ZUmu4ZMIvTxRmss-4fiQbyFpsR3Gvu0hw2nvinbYLThuUbxM59pDw7Q7J30A83vmpzETsJO9vt7A8Lvj-qBBrzuAenrfkxSNtyb4PrCoYPz_CK5UaX_aMjScVdY1IY-B1bQPbZcdokFBPjCDr-sxHeajWUbqAEae-gt4WlLPApYO4hWWGLavYBIab-BnEK1YFFH0Ba45sBPRtfKTi6STiBQOpljk-KoXkFbkO2Q8Z1h4UNVa7YD1nwV9KNy-LI165MPPsF0KdMlwOSmcD2SokCrx0n4LudfBLu8jJ8rMk4ytL9MJ6tiX00DPcDD_hzdn4wYN1mLCyCU5dJzGc7GXVLhYWiysdw6DoHUmw6dqVJpzjWIH7KWN_vv-8bIr410T1vf6wgOGhUeGeGjy4_Oayxbd_lHo4WXBK4YDKQ7CR_V42XUlMAO34k6ub1dJQNWYbF5Z8zcXDlRlJO8K8a9ZUVCcxsOlDDTimOxgMEt4J1lqgg7CNsDUxcwmAt-5w82LLMOibRjhS9x9a5bjNRzZyge7OJ8aOPlz6a0pV6WXYE73pNTaAORIqS_Yb71-qYMRnb7IY87N75SiIhJag6ueU7ExaYjsJBNnaIKHJhsRH54vXZauaHmIsqDomOyy4PLeqQ-Cy5tpbt9Aae_yD_w812PBPDjd0jdS0NJ2kxqfdsMku3MdW4IJtjUgq_TCB-jbwGj7URQ7jtctwoKDCv0PJZ4x6J0U9UpiuMm18gMz8sPpXRFfsEax069H20D-gW66Sn5PnJ4X9oKLiK5YJ9Vl45_KfLgl1vJwctmPdTHhNvpZZqQh_4IVJCQfxLEA6rstiG75Ipwx5zp3rR0QUIcR99Ww7XyNT3IWXmZ2CYdpZLRjZTd6WrCniMZ0GAtGFsZRznqA6uXrlRo4DoAKqf75HnLZOL3M0EX3UFS1bY9JMOjuE7XvacOiy3lVw7TMvwspKZL04N1guLsv6PbSmv3ZHwTtNA3Byl5E3HWpnwRSqeeMFFn9n8JxrbJWJ_zR9NTQ9eSKTqKaW4DzKlQVeYvrfugvbttOeySao9bLEdvb4DyzEALF-CwstDcQocuhWvHJ31wSMXfNBtBMpwBx1s7aQxXU9DlN3nCIffb5gS_OStmZ556RB9dKdeNkw3JLkC9K7dTZco_dhfL44Id1W6UlMDplsT2IH2Bh_-kmjmVy1VUeDEr-awY4-KWmz8CdBZ_NrRlewl0-U7lCvjvvcChitewUdutBAp8ModjJCK2UszaT9dwACj2FcHDNmYNL1kSrQnqh37PY80C3oZO6G2r8Ij9v-ht5pO-1rgmBXK1MxiO0TLu70ErCZSxvAuA75VPbl1kd0NYoV1-xh7EZfbAbHc1TVBS9AtECavW4EYuvQGKVINTBEQZSwOtyfLV2idsPbGweuvB0RJHQ73WwDitLQqzFStdrVJCqMPMi44dJkTdFdLjVMIwja_rbbEimVyBegLSayqZy6XcTgv-leCBYp-kOv_Tc5ySfHVjcj4ZYrWpl7SJcAuObfN_mV2pVnX20D8_H5kqR35n5abHcrj_B226VUT6c40p53e6DKIL-NC61FqF2mzRn89AWr0a1fBi0PrSy9dR2Gojmp125kMIvJYnlkHBvXVTwFgua6M9zNt6vwFMo4manpqvRG6X9P9-C0qvRuroSmRdwyoDV0d0sUW6alpkmHlRKU7_T7qDuE2ku4WyvfmQl4zsWBBGjNSWYDPoUlnZgVKjMAnRvLZf3O500M0HyRYCahOEL-bW_o0Svw8vgT06osejZTaePykw77Bt4x18Lt2e4gEoz_SLAwTsi4844K47QUmHEJK6-SNYLQPNh_gNyZuO6ZNcgTzDphVI1fg-CiYscS0mMvsaEMeCRgxQv-zKdxdw7vVFD38qqS0u9BGKDfW6m-aqCbVT9IRB5K3b46gYagUQlCI7y_pgLdxGZwBDR3qBA1wlmD5DYUfSp7f0HitfJFkIP6u-S6OHY_tXe66EEAawNjn6BCyzllWgGKrVbLFLQoAG82uNLUxoacCNpjE5e7kJ5W7QJLr0yaTtDb6SVe0egTKuatf5rAiQlnm3aPCNr8dGkVaXWoLipjQ8KztEfiR-s39zsruhZeXQfLDI4tqgGO-Q&cid=CAASFeRo-bdjLLePnCdkQQG_hZvb2k6aYw&rfl=2%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240
Frame ID: F82A6F2EFFAA7C00CF70785FEBD0C9A4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ49GPuwIYpdDptgEwAQ&v=APEucNWVx4cdbw4J6JknR0Bnb3ANoj0hbcmxlRI3VwJczw4c9PMpdq8v7Lvze2iKQINqJheM0fmoqZMSB0N_XAim6VB4_VRIWaBAgu2iqbbBEhf45J-NaqJKc0SfkpbD1R-s17P8U3RRshBgztXoDQJ1grF1dyjv4hlOF9WnHkeIkyvA0FFeh4M
Frame ID: 5B413042EAF8073428D2194C54846E16
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiV9oW6ATAB&v=APEucNUUYxve5lf9Cq54LViHlOYjTgibyQN3h97V-laVbKyrz2UOoRGoc-X41-209dud0XT6gJWU27MHc5TWLUBmCnsu9pa7vX-UvRn6PKaXiBme2xXENmPgKqT8z1G9Lg2Iv5q_fpX0mHLqOnzv6vLdoPR0NeceGU3F_We6ItJIhoRb2obt0sw
Frame ID: C4C8DA3AF9B18CFCF38B8A4944CC7E91
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahijj4a6ATAB&v=APEucNWq-G-RkOI3p9oCFdAO-qBMfJ8NwV6ncmEGhrlJT4iRs8bU0N_ESHWIXiPyofRd6vNRkqyYQCM5EJtO3ipGVFMGJSwGBsojs8kAKz09XnhVweGSlVhkXqUKaBjneuyEzno2sn5pNaBRpqofyCr94XrgKilHoGZRB0a_PIC2tsTT-NInPks
Frame ID: E90637DF7259164E31AC24BAB76EAA57
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahijj4a6ATAB&v=APEucNVzIHanEB6O_ZXLCirMRwmhpO_kl6fshX4W0yqJE5EfHMQU_3XfjUcR0cbwdVFEt5-lWltdmaisGeWbH-ddfAgVMtthPOugo0MwAzYAlFZ_rS3qTM_DkoyC7BzU8zVZPX1FvEvCe9vPLa2XsCERjV3enBLzxW500vBMaSluWFEkp2UqwsQ
Frame ID: 680A3BB2D680CB06A3C208F89564CF9C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhitgYa6ATAB&v=APEucNU3SMtXmpd8Wu2ptFbskhjgNzwmuGWHu3iUaYA-G6xfIl4_wqElXHNyTHFwZa--1e3ePUbynGEF7f6JpwuBFZxaHZtvrPmzwhabRCvqnvzCeuecslJ_PJ0Z3j590KTaShbJWP2y0u0NE1ZaPA13yoWMpuwQWEN89jh4oa0G1iAuecexVJc
Frame ID: D454B295F87D047A02104A37AB84BB84
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiChIa6ATAB&v=APEucNW9srJVVYHVMLvrY6_a0ZflQQxPWKjr7YBHBmXqns4B_qpqrDJ9TybCGxS5lCQBr0aUDqDXTqj58EnuyA6qckUKlyzwB-L3JkKtruatqLLr0kpEEQa-Q_B8aEWE-6fLj8zMZYt3iOXNiN9jCxnbpX2VtayPyi2btnLDfQjdLoH4y_luJjU
Frame ID: 366261B480E0F4F81B286DB9035D3E9B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi6lL-5ATAB&v=APEucNUPCGbLPs7b_8EoI-5MOmHOEB3wYKhfH2suXi9E3TpgtN2A7JldeGmBF6wIUcoxTnWPPMGMINJYwScj-v3LOCLx-1uuBi6246kCk_OWoYSh8Zi47uyzaUDwuscoWoFF8Kxw3tR23PMWvsrwhLbGZGXLNu2KwqC6n1SIaZ_6KLZ0J7jFowo
Frame ID: 803E728E85188203ABE1FD57D4986AF3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E2A31A9C56A1F4DF3F54C11FFC28C039
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C55E3D85D9785B1723CA10F6B9A83972
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2
Frame ID: 8E4FC4475C0044FD0381A6E258E650E8
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/index.html
Frame ID: 4E89E2F343DB32492E350C23BB197E8E
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 17E92606599EAF0CBDCE60EF2B1BDD53
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1CCE7D9C4B90600CDD732B689DAB6FF4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7E88F0101C141DD38556F0BD2D040055
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNV032XrUeoyLQsV1ZoWuyviqGDsUkJY87fgUwjjbeacE85CVUT4OzmVjVoXUk_3XAOzE0MjsKlAVccsJ5TIsXnGg1vaTYmeu8oA9SnOnmEQmFfYN4kiDwMhoIvUilUPcO20siDxjjV7viHLGL8QxU0mQT6rdeSH5dZADuSqHUltw9Mzug0
Frame ID: F5EEF06D58EFB2EE75CBA55E12C09866
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhjDkP-5ATAB&v=APEucNXml2-OAQbsUZlMnBdNKjbIerlEb0jRdDmyO--KiExZHwk4CzatqGevbEaXTGuzjEbFOWnf7OwIQcUwb6fZrlDOgSQlYPlyI9kLQr1OxzGzhlG1RqPURRSYDV9xgI5d4GIsT9p1OzH60ymqu-OWO6ut-GfBIaLnSrKVcTCm8OdRiJ3qSyg
Frame ID: FCEF6946C69CA50B4A99E6CB6DD6D634
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQwYWM9AIYtoDTtQEwAQ&v=APEucNWSr5QYvs2C9IqT7HW0N2tmtqiP0BB8Gsr102yvplsWI1ZZAIm9hWMCduF7bWVPn34s6KRNaub0_mLLJfvLAkwN0wLKeJYz2kd6C4cjZmXmu46rn4fr1RBohG1L5K2b09J_NOQ37w2DKmJxQHaw-IP7do73s508UePWdaIOLTHcByi0DUo
Frame ID: 1E381C691703AF13784F07AEF28BA568
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ae9C7QqnoO561FB4eaRdGmA4PIxHbqVIDhuCHvqCX8ieG4eSdQa0WrfNZYxown7klUljgtg6QWc0l6HkfVwJyy3t9Ono-WU3MCIyDX9C2ZFDJKcy_MX2KxNvM7EiS7Slcv06H_oF0hIMl7JmFjANPBMwkrGg&dbm_d=AKAmf-DqPLlWlxkhGXULVbRxx3OPXDrpWn6u4zBQd_nbCkzN5cG3W_tT0LjV-X3JnBEdT0juWCdbSdp48LZJZZqOTryLAdokEbm_9s36_a8_mCLgZpCQBdJHh4W6xpYxPCoQKa-PGEJyTFQCQhLfTX5xi6TSv5BgvIzoxFzVlxCnOi3ai0w8DNeDv7S9TkoHjQJ2sis5PQG6S1LkxiAl5O-dhx1KpHML_qUaDMNXMpEfxeAOIWxJbo85JYaqVvBSvGvWO9wFJ_ozHgm3GHysFxZESMELBt1_OrqXwS_9qhk0VQec_ucFhmEdFVN2n7mLzrvq9X6h6URVwOJKa3a6mGnTWVnGWeD9tDNAKUJNF3_aBRjYiINf6QIfnJZDYWHVY-xUc4_KpGG1IKNqizSvxw3IuX5Surotn1WZey9EFuJIPNxJ0_mYR_R-Doxwr0YyHvubcrTNZltXbOEg2xxrXGwb0uxDxvuu5NaB_NDRnneuoNybXpYaZDN-7H8yqQ_PHdUfmrd6R0zOmVu368E4oKAowjNxPb771FvPh7yUOp7oU0SrCQF6UF65lNrtK0Z5kk20UFqn0RK9uTj0HQ7U0FFEn38h6sdZ-8bTLHa_bqJZddwwTucaRdL1PiR4iJ3yoHGNcJ4hwLDJkOmv9hTptLfS09xq4-XzD5PKr9-vGQkU0vwP2g1u1JopGLkm9MLbUu9zHJN0I56piDybgamisoNU6cW9odfyckm86DEaA3oGxM8SedYiAkNaC2e9kffb52JyNZzFk8QUMQoKKvTpb8-nQ4toOCgCKUPM9afAORldYeHHUYSAplPHwN6x5OLPucSIINWMdKno4VT6vVKeHA6I2_DF-ic7ZRMVf5iScwqLGCxP8KnA6tA1bHqcS7uttiZ1x3DkxWDMzOxypLrEtHB1yyr-beOSK_KN27h_Sditts5yKIRorB5Yrd0w-3PDLIMA7l-alsqXXOoJ3FwqyUD0qpHleWHqmkSFQ-38kD1D3M0681-N4NjLU34WWVsOM0jTIic6F1wojk-ZFLL1SD1YiQEOFUN_yn4elC2g3xIUGYPpIkiJdOzOau4JPLbu4Jyf9fxu8_0c1Bwv2mOpkx4hwg2--RNy18uP3rMntHN9VRVdToOwZfuFgCqlkfq8GALEgwV0sfFNxz5zHEKXHziZ9pjA3VX3CXujq4_g7eoy4wpAyq6MCUOhXRLlbjA8QA1xEf4qN57l0zNuGwNy_yXACilbJx8VB4YTPLFzF7isi2jYZGy5KG1KEh1mFnZ4trHzb0cXLMIiAQ8dhk2MsPdC_Y7Ez9vBPjtgVtfBGYMj5s3jjxjKrg-yDoMok49K3ywyZSl2FuVYjAdo1H6OhPXEqTIKBZiyEwS9jX1ussXbPdOdeTYUQzeq6K7aBYHqzBOo9ATNTr06547UKi5fnIWSloSUTP-MKQ3lvYfLEboh-1H7bthAV0pdSR-1barOPtL_6vphAZ6MO8VK6-XJy2qwSpBj7iL6Eir4AmrgZDrTbrO2h2UhvNnax9Jgh7txcfTv2n8zixmKJEL-Z5GlADWzxLbuX6q4XT9lQm_bUPWSK8yQJ2lRRQSjWtlouRZLhIhI9Cc4BDnYTyDH7xqrl65NDatET69Wkl4yFRTca7MeKgFCYHybJnjkyou_qRuy8V2hqW4NIyOZHBvqi_jpHmanhs9xi21ciwf-n2OjTWZxfXdQvF0RcDCWQXfxXXYWS294nsS1JRlPIeetjYi9T1PQHBbjdnk_67KbALONYhdU5lWCEnmwfkQbvbT2Fhe0rHcOegNv53sV2vY4gkXyBJhGOvVqCBd2lKHkOrlJK9kqQ92pMemoK4l-9DiQreP67NDG8OwGhMQa3Q-3xfWINSNj3y6wj1-8QBt52UFqX_DjmoWByz7q76vWixCTJu7F5Zjxpk5crvxHcIZVMMhyrwu0BaHTR-TXD802QW-5L1s6jsau6gzl8JNOx8zKpXqYNl7gM6f-08fsm3wlc0t2vJG4x4Y1YuYfuEIxdzKfondniYhH7uZtnpGlKPWehvZ_0Azo4p9a2IyyZ_hk62VNirn2gIDO5HveyT0GpJtqluBF_-OPvGVMXbTfOED_tJGLFvamH9AEQCMSIKLyoEeiFfqHivbL2qhuNq7BecemJVN5tEgAQb0fnB82CVIwKEHwA1VBf7T72gDjmtB6UWLJC9pFxsqvqlR3xHeN1jWshxJYwxzvE8IJlA8eE1R4mrU8_lAjqqOQ9lsVVk5aAt39uaNhf_cZt8laZyeObhg5aOvCopYP1vo-6wO5cnygIpN8xtlJuI85cAnj5lM1H5mk7urbkJXviyJPO4klbcHSy-IATK3FKeVv4MgHLuFboJ2__PkCec98BkUm7YV8yHzB6UfEcwScbURjIiBmhd5gMgsaDBZkQQ-kr40L7P-1daitNwkxRj_-AONsdVrGztVZ07WjMqgm3IsvbDVSwBs2IUfddsEbF0gaGRVkKCdStHCvRiRAjd3JohlopQrxkPv-sY_Oginq7T2_4T8qTe7mSiZJO4LJk9YltJ7s9nBZ1EW4giZk7vxe0xseH_d7KKW8sp3dzbgEHQtyjZnUWnjlv-Ey7l1nHh7zulsa2Hj5m3teWkaDKUSH4kfAw9CC1PLn699gGcV3gFKMAaweEQ5Uv0cNlMLAD8SArD_NRYUVvZnShODYWQtyBvZfTbTM-1HPfjTNbsvKKh8OdaLwxO6_I9L5poGz0fBN1hBUJzPyKM0pj7LWGoaKFxFczDxsJuH7UrdCO1mydpEgF89S9hiZ-qreXvKteU8HxtqVlgpOUHvoG6ZskEkR4UKD7A_MOBRfBHwfMkXzRJiRnfAn5of1oWactubU4pVs96yZI9M6xiR3QqkS4xeNQMW3b0DrZnkeuScBLycAtetBe2AH6cY1JUpLRaZUHq32ZGZ8nxIz0rWH5os7NBCWSZ_8zVgkxqWKxRSVz8-0ciwS-hX_3i_IQB15dJcdQgQZLmw&cid=CAASFeRojqLsCKJD_uAHFeG8PX4kLRWyAw&rfl=2%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240
Frame ID: C61C70FEC07EB8C7F886DDAC799CC8FA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhjDkP-5ATAB&v=APEucNWBoEQmlQQO0MIOICtDxWpW86pl4nw0Nlg-B48Xzxbnxr7iUAOfQVF-SfNDSL-R57Ukm_sn0YJBfIvTnyXWbtL-MMZYrrdVywImgIhGT-hQqkBIxb_StV3HLauHE1V8P5CCW0H91-QDZAqWl15RwgmT8uOzG9f2-TOve0hUCYzdTNaKemA
Frame ID: D2210B7A3EFEE62396229F99EAA3CB80
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Frame ID: 5B4FF4041B94DF94EFE56640192828E9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Frame ID: E991EA45558D22D04ADBCC77EB0A4252
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 176C2B18B1B49E05236039044B7F69E5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DE74F6A7E9869B81F20EBA985730CB62
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F1217679E5DD07E34651103845A42D02
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jaringan berita jawa timur

Page URL History Show full URLs

http://jatimnetwork.com/ HTTP 301
https://jatimnetwork.com/ HTTP 301
https://www.jatimnetwork.com/ Page URL

Page Statistics

373
Requests

79 %
HTTPS

33 %
IPv6

28
Domains

39
Subdomains

41
IPs

6
Countries

3160 kB
Transfer

6987 kB
Size

16
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://jember.jatimnetwork.com/
Title: Jember Network

Search URL Search Domain Scan URL

URL: https://surabaya.jatimnetwork.com/
Title: Surabaya Network

Search URL Search Domain Scan URL

URL: https://bondowoso.jatimnetwork.com/
Title: Bondowoso Network

Search URL Search Domain Scan URL

URL: https://lumajang.jatimnetwork.com/
Title: Lumajang Network

Search URL Search Domain Scan URL

URL: https://jember.jatimnetwork.com/nasional/pr-511632610/susi-pudjiastuti-komentari-puan-maharani-trending-twitter-petani-gak-gitu

Search URL Search Domain Scan URL

URL: https://bondowoso.jatimnetwork.com/pendidikan/pr-1821631605/10-peribahasa-indonesia-lengkap-dengan-artinya-bagian-3

Search URL Search Domain Scan URL

URL: https://jember.jatimnetwork.com/gaya-hidup/pr-511632899/tidur-menggunakan-celana-dalam-bagi-pria-dapat-mengganggu-kesuburan-berikut-penjelasan-dr-clarin-hayes

Search URL Search Domain Scan URL

URL: https://jember.jatimnetwork.com/khazanah/pr-511632818/gus-baha-bocorkan-siksa-terberat-di-dunia-ini-cara-mengatasinya

Search URL Search Domain Scan URL

URL: https://bondowoso.jatimnetwork.com/ekonomi-bisnis/pr-1821632827/mendag-lutfi-sebut-embracing-jakarta-muslim-fashion-week-kukuhkan-indonesia-sebagai-pusat-busana-muslim-dunia

Search URL Search Domain Scan URL

URL: https://bondowoso.jatimnetwork.com/khazanah/pr-1821631731/bahaya-mengharapkan-pujian-orang-lain-versi-kitab-mawaidzul-ushfuriyah

Search URL Search Domain Scan URL

URL: https://jember.jatimnetwork.com/gaya-hidup/pr-511632642/minuman-herbal-yang-bisa-meredakan-penyakit-flu

Search URL Search Domain Scan URL

URL: https://jember.jatimnetwork.com/gaya-hidup/pr-511632634/5-tanda-ini-dimiliki-orang-yang-akan-sukses-atau-kaya-real-bukan-ramalan

Search URL Search Domain Scan URL

URL: https://jember.jatimnetwork.com/nasional/pr-511632452/fenomena-waterspout-bali-begini-penjelasannya

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jatimnetwork.com/ HTTP 301
https://jatimnetwork.com/ HTTP 301
https://www.jatimnetwork.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1

Request Chain 155

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY3.Ew7DfCQSsnJpSKM2ewAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1&google_hm=2

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECAvoeIL3VF3b9-LWLx2Hms&google_cver=1

Request Chain 157

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQwNjAzNjcxMjUyOTIyMTI2NA%3D%3D

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1

Request Chain 159

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY3.Ew7DfCQSsnJpSKM2ewAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1&google_hm=2

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECAvoeIL3VF3b9-LWLx2Hms&google_cver=1

Request Chain 161

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzY2OTkxOTA2NjcwOTgyOA%3D%3D

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1

Request Chain 206

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=e94a6355-437a-11ec-b6f9-17d925990506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0YTcwMWYtNDM3YS0xMWVjLTk1ZTUtMWVmNWUxZTUwMjA2

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1

Request Chain 209

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=e94a708d-437a-11ec-95e5-1ef5e1e50206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0YTcwMWYtNDM3YS0xMWVjLTk1ZTUtMWVmNWUxZTUwMjA2

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKHBNyQAhVH-O_xEy8RPNSc&google_cver=1

Request Chain 212

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjZkZWI1ZjUtZjFmYS0yOWEzLWM2MDAtZGZhOGE3ZmY4YmIx

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEK-tueSu-o2fJZ2b2QkX4CM&google_cver=1

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1

Request Chain 216

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=e94ca9d6-437a-11ec-aad1-1a27ea400106 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0Y2E5NjktNDM3YS0xMWVjLWFhZDEtMWEyN2VhNDAwMTA2

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESED08ICD98A76TnXicZK6Uds&_origin=1&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED08ICD98A76TnXicZK6Uds&_origin=1&google_cver=1&apid=UPe968e73c-437a-11ec-8003-068b74045f7e

Request Chain 219

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPe968e73c-437a-11ec-8003-068b74045f7e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBlOTY4ZTczYy00MzdhLTExZWMtODAwMy0wNjhiNzQwNDVmN2U%3D

Request Chain 220

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS04OUczdi5GRTJ1RVc3aXg0a1phd2dySUJEamlfRUx3aH5B

Request Chain 273

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDCWwG4kbAt1X0KLvtLHIjg&google_cver=1

373 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.jatimnetwork.com/
Redirect Chain

http://jatimnetwork.com/
https://jatimnetwork.com/
https://www.jatimnetwork.com/

123 KB
16 KB

1301ms
1254ms

Document
text/html

52.222.236.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-110.fra56.r.cloudfront.net

Software

nginx / PHP/7.3.31

Resource Hash

194e3731afa1ddc992f82bc7d36d500e8715d27972ed27ee75cb7029fd1b0836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 12 Nov 2021 05:39:26 GMT
server: nginx
x-powered-by: PHP/7.3.31
cache-control: no-cache, private
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: pJ-5_iSRq3_3_rFw002QwzjkuJPo4lJch_XJJl0ut-qZSLShH6G13g==

Redirect headers

server: awselb/2.0
date: Fri, 12 Nov 2021 05:39:25 GMT
content-type: text/html
content-length: 134
location: https://www.jatimnetwork.com:443/

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 810ms
365ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64cfdbc84502d36f797ec412c8e1e01d784ba5e9d077e093a51843ae7e1fb76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 05:36:19 GMT
server: ESF
date: Fri, 12 Nov 2021 05:39:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Nov 2021 05:39:27 GMT

GET
H2 200 style.min.css
assets.promediateknologi.com/promedia/news/desktop/css/ 61 KB
14 KB 51ms
8ms Stylesheet
text/css 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/news/desktop/css/style.min.css?v=86
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a230133986fe05d8dcdcb16a14a0bbf3ff39eb600af2757e91a57f6a825a43b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:22:09 GMT
content-encoding: gzip
age: 166638
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 06:27:55 GMT
server: nginx
etag: W/"39408ae54c72f79591db89be6e5533ab"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: 88BZ54Q4kh.NrVm_suYdGhY_rODNELRn
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-type: text/css
x-amz-cf-id: gv5Hw2JCjJTpQfh7Pr-VT27z9XCxr4VBm_MdgmqJXFYs3leti-MS8w==
expires: Thu, 10 Nov 2022 07:22:09 GMT

GET
H2 200 custom.min.css
assets.promediateknologi.com/promedia/network/43/desktop/css/ 6 KB
2 KB 57ms
15ms Stylesheet
text/css 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/network/43/desktop/css/custom.min.css?v=86
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b35986d806b37bae788e8aa86a2754dc8eef00ef8b3b319924f7144ab6dad28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 08:10:41 GMT
content-encoding: gzip
age: 163726
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sat, 18 Sep 2021 08:50:54 GMT
server: nginx
etag: W/"5a32253a5e06d71eabf5a7f1e8464702"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: A0.NA.n9jDEEh17uUhxSh7kiq3MhobLL
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-type: text/css
x-amz-cf-id: WXPvuMyCGntkMMZet906a7NZ_8AAGaJNAIuKfwGqA_guO1HPl-1pJw==
expires: Thu, 10 Nov 2022 08:10:41 GMT

GET
H2 200 jquery-1.12.0.min.js Show response
assets.promediateknologi.com/promedia/news/desktop/js/ 95 KB
34 KB 51ms
9ms Script
application/x-javascript 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/news/desktop/js/jquery-1.12.0.min.js?v=86
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: de33fe1ba0d81147fc56ff19149e85914d13c4c4d7a5969aeda463d9f4787848

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:22:09 GMT
content-encoding: gzip
age: 166638
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 15 Apr 2021 16:17:06 GMT
server: nginx
etag: W/"b2f71c943f2f14613bc100fc3ec59db2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: null
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-type: application/x-javascript
x-amz-cf-id: t_94qR_Dc-pfIE8wj3cJuL0Myt4qgjSbn8XgLjz8OpRulEvcvpkjgw==
expires: Thu, 10 Nov 2022 07:22:09 GMT

GET
H2 200 jatimnetwork.js Show response
propsid.b-cdn.net/gpt/ 13 KB
4 KB 793ms
260ms Script
application/javascript 89.187.162.244
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://propsid.b-cdn.net/gpt/jatimnetwork.js
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.162.244 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-641.bunnyinfra.net
Software: BunnyCDN-SG1-641 /
Resource Hash: f78bf0fcc597a168ec0ea8ee4794744cb4c2146d195a5915c7da0e629b182071

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
content-encoding: br
cdn-edgestorageid: 715
cdn-fileserver: 230
cdn-storageserver: SG-105
cdn-cachedat: 11/11/2021 22:58:37
cdn-pullzone: 266288
server: BunnyCDN-SG1-641
last-modified: Tue, 02 Nov 2021 04:20:26 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 022eeb7f-01b5-4a33-8c9d-d5c55b7764e7
cache-control: public, max-age=2592000
cdn-requestid: 5adf466463bffd2bbbc35bcd96cd8a8d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET gpt.js
www.googletagservices.com/tag/js/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 451ms
57ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8400307307701650

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jatimnetwork.com/
Origin: https://www.jatimnetwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 9984758960647962062
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 05:39:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 517ms
123ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3987315829323386

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jatimnetwork.com/
Origin: https://www.jatimnetwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 9984758960647962062
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 05:39:28 GMT

GET
H2 200 logo.png
assets.promediateknologi.com/promedia/network/43/desktop/images/ 53 KB
54 KB 21ms
7ms Image
image/png 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/promedia/network/43/desktop/images/logo.png?v=86
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 47ef963bcaf3740d71117501fd9cadbc3ac10a5c3142e742113b8ab2de872b71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:43:22 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
age: 165366
x-cache: Hit from cloudfront
content-length: 54610
last-modified: Thu, 22 Jul 2021 05:49:17 GMT
server: nginx
etag: "280e1534633e5cce9f985240a2baf7d1"
access-control-allow-methods: GET, OPTION
x-amz-version-id: 3tF9EuKBwpwhxZgWxIbbTzoJSTI_qJ0j
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: f3YY6-vwf6LIpDhw7f5nFDAylxX3W3tASKx_-RNzHD2uk4NgWsrSgg==
expires: Thu, 10 Nov 2022 07:43:22 GMT

GET
H2 200 1476951438.jpg
assets.promediateknologi.com/crop/0x0:0x0/740x444/photo/2021/07/24/ 54 KB
55 KB 24ms
10ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/740x444/photo/2021/07/24/1476951438.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c93756073d1e59f1cfae5ab8101b6cb640d8005b457ab072e274b6a3ea4be18d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 07:06:46 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1290762
etag: "3c38790cd820c21571d091c813209d2bd08ada5e"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 55504
x-amz-cf-id: ZGqoBnTu560AXwoQV90ZsPMuuww91TBtQNZgW5wI3uC0OvPzR9zZDg==
expires: Fri, 28 Oct 2022 07:06:46 GMT

GET
H2 200 1655262992.png
assets.promediateknologi.com/crop/0x0:0x0/740x444/photo/2021/11/11/ 164 KB
164 KB 3402ms
3388ms Image
image/png 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/740x444/photo/2021/11/11/1655262992.png
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f49a8f502bde316b4227f7a13ff568142ff57b9e56d384cb3c0d52f28cfbc84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:31 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "f6d6ba8aa34d1a5625e68520a38dab5b7e4652fa"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 167831
x-amz-cf-id: S267HYj-r2mGAJvOQm3tjYtVQY-11r-fS6KftWObjbCptJYoKnej0A==
expires: Sat, 12 Nov 2022 05:39:31 GMT

GET
H2 200 164717772.jpg
assets.promediateknologi.com/crop/0x0:0x0/740x444/photo/2021/08/04/ 41 KB
41 KB 389ms
376ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/740x444/photo/2021/08/04/164717772.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a7c39f5a65ec9902406cb20fd828d9fda980a5187dc0cf6e969be93c7ba7446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "d39418053ed67925c5bda4b3cdd5dd7ff631691c"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 41515
x-amz-cf-id: 6OTHTqmIQAJ674ID-cjvP4QlZnZJl2aNJ1KOieICGWIe1HVXZd0fug==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 3703528882.jpg
assets.promediateknologi.com/crop/0x0:0x0/740x444/photo/2021/11/12/ 41 KB
41 KB 27ms
14ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/740x444/photo/2021/11/12/3703528882.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5711c255eba566192348853f51564e01e9109f4db09e59a9ee98d2c382bb0b34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:27:59 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4289
etag: "e1efbb13c3bd063fc03ea5bdac600fadcc1f8a07"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 41875
x-amz-cf-id: l31GKT5NJxrhTTW8wVVLB5xQBxEIEgbwBJcbv4j_1OjdlG-1ltUDAw==
expires: Sat, 12 Nov 2022 04:27:59 GMT

GET
H2 200 1476951438.jpg
assets.promediateknologi.com/crop/0x0:0x0/185x111/photo/2021/07/24/ 6 KB
6 KB 26ms
13ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/185x111/photo/2021/07/24/1476951438.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2fcfcc11576a620aef2d12a02ae4a7a6964c1c552635364c036007a11f0e78fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 07:06:45 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1290762
etag: "6faf3341ad922f8e76bbe2e49f697415a8ecaac4"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 5773
x-amz-cf-id: 1elYPox7NIzaAyEs9NP_gCYQuFBXmEFwIKNAcddLrG5ep4Og9bnsZA==
expires: Fri, 28 Oct 2022 07:06:45 GMT

GET
H2 200 1655262992.png
assets.promediateknologi.com/crop/0x0:0x0/185x111/photo/2021/11/11/ 21 KB
22 KB 1855ms
1842ms Image
image/png 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/185x111/photo/2021/11/11/1655262992.png
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d8df2d23b7053a11325279348f209ce2964284345f9a3752d3a2a4d17b6fef8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:29 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "cde2ed31d0ef28fe52fd1bd13084801c9037fb3a"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 21880
x-amz-cf-id: UxGCM-u2-1P44nOQkXU2rTtFtYe2J2EEkoUF0NbRdBMDwbVlvdlgjQ==
expires: Sat, 12 Nov 2022 05:39:29 GMT

GET
H2 200 164717772.jpg
assets.promediateknologi.com/crop/0x0:0x0/185x111/photo/2021/08/04/ 8 KB
8 KB 804ms
791ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/185x111/photo/2021/08/04/164717772.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6cbdebb86159494163cbb4e474f9263f66ddd4ed531fee657bb9a5b5cb196d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "8a979bb49f29795db20b9b6b1b6fd73976f9d42c"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 8286
x-amz-cf-id: PZk69Z2EsnZanJOYjbEBvAu_Q5O4aRNtDoEaALIg-cTtis3RBlU7gg==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 3703528882.jpg
assets.promediateknologi.com/crop/0x0:0x0/185x111/photo/2021/11/12/ 6 KB
7 KB 30ms
17ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/185x111/photo/2021/11/12/3703528882.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aaa7e4a37a9ad7a960cb83f9f1c6342eb33b3dbe6efef75b52bc951c826d9b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:27:59 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4289
etag: "30be0f43f4ecf37c8bebdf1f0ca7ce6c1dc542b6"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 6352
x-amz-cf-id: nHuiOW0ePyyq2GWJ17BAuImnwneahWelZXxyAujh-L6f9hisgIjvOA==
expires: Sat, 12 Nov 2022 04:27:59 GMT

GET
H2 200 3541757944.png
assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/11/10/ 35 KB
35 KB 29ms
16ms Image
image/png 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/11/10/3541757944.png
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 420529e0bcdcbe3532645e35130f955fc32624627be5bea0b43710de6d762599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:47:24 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 57124
etag: "69b5f1a961d1fe285d475696e44b9542e81cafe0"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 35463
x-amz-cf-id: etaXCMHE-4Z3_obcX0ldy5pjl9PX62rcEAtU7tUNAmOqGK4lVOsSgQ==
expires: Fri, 11 Nov 2022 13:47:24 GMT

GET
H2 200 1832376657.jpg
assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/10/29/ 9 KB
9 KB 35ms
22ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/10/29/1832376657.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 422e47c584262fedbfee0c56a264cd80b1e781a4375288aa506688d72b7af05d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:47:23 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 57125
etag: "6d554cba06e5c022fe7b2ad18387b3d53525ecce"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8995
x-amz-cf-id: eafg8Z_jBxnnOnjgxaYmS-ZpOSWazgaULQRgPlSFrgO64V3tyJcq2Q==
expires: Fri, 11 Nov 2022 13:47:23 GMT

GET
H2 200 765812846.jpg
assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/11/11/ 8 KB
8 KB 36ms
24ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/11/11/765812846.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e9e16c9d51e32edda21111ea3d92921b36461e5b3ccfe8b573e9114aca9fa258

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:41:51 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 21457
etag: "32a16cb1e14d725c176ff3f6fbb094b5e434af09"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8105
x-amz-cf-id: csB76WLWAUrsvCOM0spqfxTPVokKGhgkDKa4rV4BO9wY8XG-UnhU5A==
expires: Fri, 11 Nov 2022 23:41:51 GMT

GET
H2 200 4127617726.jpg
assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/11/10/ 8 KB
8 KB 37ms
25ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/11/10/4127617726.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 73c871b803dd1dcdbd42dc53507410c28a8c0e4b518b3826f2723601e8d9e1d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 02:18:46 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 98442
etag: "ac9dca23c34ac0ab662aedb687aaa553ddfabfd5"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8125
x-amz-cf-id: P2K5SWSl66Ct385tEeqZGEjgm8WZ9Yx_LRgiBTMeFq4AvR3XfF-Isw==
expires: Fri, 11 Nov 2022 02:18:46 GMT

GET
H2 200 757572179.png
assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/11/11/ 35 KB
36 KB 502ms
490ms Image
image/png 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/11/11/757572179.png
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bc8f6219865038ab982d3503055e8bda52657b4b8110ac595b3833cafc9e5fb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "0e1897fb241828098eed4b72024c808659984f77"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 36189
x-amz-cf-id: ijZcUqzTz-LnwlD_NfKPDsUlt0QOlB3IkIV5x7rAIDcS02I3UUrndg==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 3099453576.jpg
assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/11/11/ 8 KB
9 KB 33ms
21ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/226x136/photo/2021/11/11/3099453576.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6db9f6009fd05ce4f30168923d534de1f2d3c6b5aecd85cb33a1f9043f1188d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:26:53 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 22355
etag: "6bd528524d783ef4a81724c4e8c8dc71d2bb3860"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8328
x-amz-cf-id: hAZFgKh3AJKKFYEbpWQSkmwZqLA8Q3WtRnrrw7etSnRWKx7Deq_aqw==
expires: Fri, 11 Nov 2022 23:26:53 GMT

GET
H2 200 914214665.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/08/17/ 8 KB
9 KB 801ms
788ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/08/17/914214665.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 52c49d2c97e089b90b62213dabcac8b64cd3be56c7fcec90d6c2fa57bd5afb53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "b451ec851c1fb369b54d27aa9fb167ebab9b3858"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 8393
x-amz-cf-id: fuiUOgKAzukogDuDQbaCus5jJZGWKdI2Skiv_BQpkTxlwd3_B0vy3g==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 3798518991.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 7 KB
7 KB 36ms
24ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/3798518991.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a4e60f3dd4f1cb60b9b61ddcef62a6b0d27770db9fcc466d671620a993be83e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:30:41 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 527
etag: "1527c84a84a310b02034c0c85398cf7f8d249b16"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 7108
x-amz-cf-id: F7P1wSftfMNAN9b7typ-8mDL9ChnQ-QuVGgEocvKkg8ANYwuq9JKuQ==
expires: Sat, 12 Nov 2022 05:30:41 GMT

GET
H2 200 1757289562.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/08/30/ 9 KB
10 KB 821ms
809ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/08/30/1757289562.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f58c118e773ffaf43312dc34fd3caca477089e40c8c329eb1455ea4981729fbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "c8e489dbccd96d811e3db88b5ce7621ccb386ac9"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 9679
x-amz-cf-id: b06TBP3b8z4wdnpdTMHQqFhJdxT9Z7KL8tfkac26bl6PXjnxCz6WrA==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 3424745900.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 8 KB
9 KB 37ms
25ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/3424745900.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 24324d20bb5b203a61ad9aaca4439488f14483def68f76c4eb1a943a9503eb90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:30:43 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 524
etag: "f119748c7ca26c0d8d20045887088a388e2d0f2d"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8567
x-amz-cf-id: rfeJVf2bd0Z9Rkmz-UU0YqFgnMqD4mNmuLnLtYJ5iAW7Or2Qo4px-g==
expires: Sat, 12 Nov 2022 05:30:43 GMT

GET
H2 200 3132034197.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/10/11/ 7 KB
7 KB 285ms
273ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/10/11/3132034197.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ea133ad676a61f176dd6572ea7383fa894db11695ed35c950d78bd0f4635eae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "c343b248357dda104f439a4108e1720e14aeb772"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 6919
x-amz-cf-id: kL7s6Y8C61_e7_TE1HvWE5s0lL2tLbn99Lj1SsuNwkgCNq-KBnBWJA==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 882703093.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 11 KB
11 KB 33ms
20ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/882703093.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ca633d2514b5c9a5170f25d765a51961eb657e40819bb07f4da766c63718c638

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:13 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1215
etag: "a8777f1b540b9045e814d171b730166651158d43"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 11110
x-amz-cf-id: 7UiaupqTQrH61Cf0EL_99jM_RxpIVqgF9J9j8gYjr1nseIHqPIjLnw==
expires: Sat, 12 Nov 2022 05:19:13 GMT

GET
H2 200 1035417736.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 4 KB
4 KB 34ms
22ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/1035417736.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 818fe2ba5abb43d2ef767a0aa86446e287f8aafdab0f9a39cda75e64e83e8812

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:30:43 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 524
etag: "f70b14b4e45cc41d7dac54f98e370ee43d5d9300"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 4086
x-amz-cf-id: Pl_EmOB-kHaY9kAM3wB_0Z3ZGgm_pmYFRQm84iI2lBDMKFFmPsPLrQ==
expires: Sat, 12 Nov 2022 05:30:43 GMT

GET
H2 200 673753058.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/10/14/ 6 KB
6 KB 900ms
888ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/10/14/673753058.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b6c3337829e40e57c3deb651d4089024bc3ef552d41b768d91b375e3ee9905f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "fc922a362dfae5be3eda7596f4150d424c9159bc"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 5844
x-amz-cf-id: 7GQVg7n4dgPosmufcbSS-Ic7KFTnZMfgW9akW1_hxSDFNlJZP_Satg==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 665800526.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 8 KB
9 KB 35ms
23ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/665800526.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c305d80ec7c9bbccdb3c6526bb3547c0645ed14859fdb277e74b5d042ff0a978

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:30:40 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 528
etag: "b9668030ef92bb738a58555709bd1d59d7ed4c77"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8519
x-amz-cf-id: NgHWLWtOKevHP4Y1KC0XitOO90TA__EmcMuMaifPU2LBPTWJYJ3Uqg==
expires: Sat, 12 Nov 2022 05:30:40 GMT

GET
H2 200 1100824159.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 10 KB
10 KB 35ms
23ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/1100824159.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3533818ba7926a75143f24b2b3d77756ed15255d0e7b0816561d895f4bb36833

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:30:42 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 526
etag: "605d608d89fecb50714cdc10d05a6e7470067f2f"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 9932
x-amz-cf-id: 26T_Wq22VK166Ybjy0ipw5PH347Sjq0IFOtuzw8lVD9e6mh8VoZW8Q==
expires: Sat, 12 Nov 2022 05:30:42 GMT

GET
H2 200 3295563003.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x138/photo/2021/10/20/ 10 KB
11 KB 30ms
19ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x138/photo/2021/10/20/3295563003.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c1aeec728aa84801062ac23f1234279b07b78cd4898ce28b45f5f755fd7d6f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 02:19:01 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1221627
etag: "c29437779c7848cce704bf1b70a8c0e21551c5e9"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 10651
x-amz-cf-id: rZK8qzFqkEeesK0rhpdd4EnvrLMnfkbKP9Cz5UKoYyarCIqNck3Vzw==
expires: Sat, 29 Oct 2022 02:19:01 GMT

GET
H2 200 4059607812.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x138/photo/2021/11/10/ 9 KB
9 KB 37ms
25ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x138/photo/2021/11/10/4059607812.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 00f8316296efe722d8e9fab0dd1ff0580b5ca369630d2fefcd91898e6f3dba95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:54:10 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 164718
etag: "1b1f1fbf233b915e25c5c1cba868fa16201d024a"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 9000
x-amz-cf-id: lj42_V0qKkKZWRqdFwN_pgvHIdblOJXrWDW6y0MFFsUOXhEj_bPwcQ==
expires: Thu, 10 Nov 2022 07:54:10 GMT

GET
H2 200 4255592159.png
assets.promediateknologi.com/crop/0x0:0x0/230x138/photo/2021/11/09/ 53 KB
54 KB 40ms
29ms Image
image/png 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x138/photo/2021/11/09/4255592159.png
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c87d5f8c489815d834a553e7afd81d6750524d8d4d411b61c3cc55a9a446cc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 10:57:55 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 153693
etag: "866978cf00c86609ca7fd92510f4b834cbd24439"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 54767
x-amz-cf-id: 9DcO8PUfM-tyn03NB0MBXpYHf0NbpWacMLMKCtiLsG1EINsEQETfxw==
expires: Thu, 10 Nov 2022 10:57:55 GMT

GET
H2 200 1163941223.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x138/photo/2021/10/24/ 8 KB
9 KB 32ms
21ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x138/photo/2021/10/24/1163941223.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b603041787f836e2ea76b45b8d8d66598d7aa3e1beecfd02b24f26d7f2827177

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 07:06:46 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1290762
etag: "4848a940db9ee3f7b950f2dff0eb318c421128c0"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8300
x-amz-cf-id: -AYzIVHPNK1vsmxZGk8E5Vm1fg50SH4pO6iUEhmSxl8bZ5MPYb-1UQ==
expires: Fri, 28 Oct 2022 07:06:46 GMT

GET
H2 200 1313475420.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 9 KB
9 KB 42ms
32ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/1313475420.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8877030c73a1de41e7870667b1f81949d9e1f694c48909522fc58f4e358a2db7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:16 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1212
etag: "68650119a5dcb3436c22caf2c63dbe606dd1d5ac"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 9020
x-amz-cf-id: WXUXalTzMbiZBooM_ZTVotQ2USJl7KnKfMHiGW1siDPS35NnEXK4og==
expires: Sat, 12 Nov 2022 05:19:16 GMT

GET
H2 200 3703528882.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 6 KB
7 KB 37ms
26ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/3703528882.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e9a693e192be6deb4d44b6f25e9e1033ef9847c77421b0bc2d649bd2377b02ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:28:00 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4287
etag: "b908d1855e929bec2a309626b63fcb51e37f0255"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 6624
x-amz-cf-id: GCOw4nTW8MpTFVgT-E3GxXckI6QKoXVnyGJklqijEtH-YVW09qiWoA==
expires: Sat, 12 Nov 2022 04:28:00 GMT

GET
H2 200 3168941139.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 5 KB
5 KB 44ms
33ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/3168941139.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f92efe5b6d6d727a2eb197155c0b7432eda1291ebf5f255bc155141a13919bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:28:01 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4287
etag: "c68556309f1461ff3ff60cbbe0be04e79ae4bf71"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 4650
x-amz-cf-id: G8HLjaTygJ91MQM9qj1a8mXyoV_Bud-GcQFaq_iRjhOA8Md4Wbe_yA==
expires: Sat, 12 Nov 2022 04:28:01 GMT

GET
H2 200 1374886404.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 7 KB
7 KB 36ms
26ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/1374886404.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e7e32f3218085ff16d042429124b8716aa4e3953b2ede4be68135319d762489

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:28:00 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4288
etag: "5610f5ad4be4605b371afcb431ce3e12365cc57e"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 7171
x-amz-cf-id: gvFh5E6PqufeQdpoD73C6rG5dMAQa_FUa47ETCGbm_EZ9Tkp7Ket-Q==
expires: Sat, 12 Nov 2022 04:28:00 GMT

GET
H2 200 1334777550.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/04/ 8 KB
8 KB 44ms
34ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/04/1334777550.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8356a3c06856e514b5f8ba5f3cb4bd7718d81815b3b10dee4e54efd3880e754e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:28:02 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4286
etag: "221a8692ef7ed5e7cef4248d335c5c699b862d37"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 7858
x-amz-cf-id: UTu9w1BieVyTSAQhxomBt0N3hAwfrjiiad33yj4hVT3UlRbn_7KGcA==
expires: Sat, 12 Nov 2022 04:28:02 GMT

GET
H2 200 3700702035.jpeg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 7 KB
8 KB 753ms
743ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/3700702035.jpeg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a9326533fa4942249e72978ece4bf829291c302b2c482ca7502639d8069b98f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "e9d603eabb8dd4b39a07127ca1eb326b7c2c5641"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 7555
x-amz-cf-id: CQGCFJTAfwCT0q2YZfVjDd3DeQQH1RftIOqdco8TkyCfc-65uoioKg==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 914214665.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/08/17/ 10 KB
10 KB 835ms
825ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/08/17/914214665.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b53c6d486527ec6c7843c267280027fc82c205da2b63d388d6c004a7149baa0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "785c4621c9627e76b31bf5acedb53a5513f1a494"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 9887
x-amz-cf-id: mFqbowKhTE3t-Jmf4ZKujYX9u0AGQu31bqhSB2dK70VvXpX8iPfNpQ==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 3798518991.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 9 KB
9 KB 36ms
26ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/3798518991.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 16bf3933f68b97cf901cae5620296899a2f0a959b1a8ada35a6c5a261d7fa66c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:30:42 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 526
etag: "d7afb372c47ac626f9f76bfb4e61324487c2a13f"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8809
x-amz-cf-id: xDGkYHlhswnpkfG1oNjKRPO0TafnE_55OmZ980yG7_e2l_2nVTDvPQ==
expires: Sat, 12 Nov 2022 05:30:42 GMT

GET
H2 200 1757289562.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/08/30/ 12 KB
12 KB 907ms
897ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/08/30/1757289562.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bb95dfaf77fc687e93cd45669ce9f52061923cd26d359473c9f93aad42d27bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "79fa7ae29d43b5ea961942b4f5d5fce60f7f8571"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 11849
x-amz-cf-id: OQhveVwyKhIB4l8Mwx1alnBBDUkZSlTQmjcL96AV9Nop_eFYyVMumQ==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 530712520.jpeg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/10/25/ 9 KB
9 KB 38ms
28ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/10/25/530712520.jpeg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 397c2c14a71cf0d901307f9300165c1c7d9a3d67fdf0d84d55a9d059eba71673

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:13 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1215
etag: "03a537d884d20dbb39639c4645eb1c392a6a4e18"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8832
x-amz-cf-id: JGa4QVAiX5Is-yssifQBrCF28peu7ptGSINyEDYt4VOXTuVtwiyKcA==
expires: Sat, 12 Nov 2022 05:19:13 GMT

GET
H2 200 1926518975.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 11 KB
11 KB 40ms
31ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/1926518975.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: eafb9f9f639a2c3f732f5ee2395c648c5aa36f2d258373edadfaa6e0d5747c54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:17 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1211
etag: "9a7e09d1fb67c0df88ba6f1bb8b9f6c09b0e5c3e"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 10918
x-amz-cf-id: 6Eh1MUQ8_dGU5woimkug5zu92HTUcRjcFQkJU6IpWi-4nZ5R2jrgYw==
expires: Sat, 12 Nov 2022 05:19:17 GMT

GET
H2 200 3424745900.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 12 KB
12 KB 39ms
30ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/3424745900.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0386347ef50a203991886df4f4011b1cc9212360dc85c038333a0b08e0935e3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:14 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1214
etag: "1519fa0d620c7036b4cfc048c5cb2b89cc86082b"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 11828
x-amz-cf-id: yv-M_BoMuBdt5VAnr_PSff1yKyDnJOX-e6cJendSUrLopp2AKFhrZg==
expires: Sat, 12 Nov 2022 05:19:14 GMT

GET
H2 200 3964907068.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/08/30/ 6 KB
6 KB 37ms
28ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/08/30/3964907068.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e3a4798b2d30ea54ce17e1d7a5fb78a16fc62f8425dfb69d07549bb6cdd6d48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:41 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1187
etag: "f9ca4a7151932baa3d63ab7bbea5bf1f341ce36e"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 6236
x-amz-cf-id: KYT8BYRHdNXrW9XX7VmKslPHPldXAJ_RKu-0LXA_ReM5YdzPBT3q_A==
expires: Sat, 12 Nov 2022 05:19:41 GMT

GET
H2 200 3132034197.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/10/11/ 9 KB
9 KB 1289ms
1280ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/10/11/3132034197.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e1fb12dcc81c4e82431a5f9976ebf40c1a24b7afe7287a5881217bb6e2a8658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:29 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "34f13d5b313823c438bd8bed2eb6c4679db34992"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 9164
x-amz-cf-id: LDs5KRwqkMwUiHF225iE6hl4I8MkZ7IEAiulWdwr09QBGyF24599pg==
expires: Sat, 12 Nov 2022 05:39:29 GMT

GET
H2 200 882703093.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 13 KB
13 KB 43ms
34ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/882703093.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c9bb5588885442b0c821f0c0be4c20936e1d9722371d88e709f7bdd077b7871

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:40 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1187
etag: "e5e897215c9db213ac22cc35c1d83937f5eaa7bd"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 13132
x-amz-cf-id: 4sgnJy_oX43rY3vQdvHcHAoFVn8rbYjIud6rrQ6lN3ND1r7Z2b9xxg==
expires: Sat, 12 Nov 2022 05:19:40 GMT

GET
H2 200 1035417736.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 5 KB
5 KB 40ms
31ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/1035417736.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ae18c2d3c176676519428695180dbc98059240b2fc06e33472f7f68f7c7684f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:16 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1212
etag: "78c27d1719e786dbd789e1c8f9563e91a385a25e"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 4974
x-amz-cf-id: 46yGRv35Yazht3c18ZdbZbDffmbDOtDwXj2sOpr6ATxQsIO6Q24nZQ==
expires: Sat, 12 Nov 2022 05:19:16 GMT

GET
H2 200 673753058.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/10/14/ 7 KB
8 KB 904ms
895ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/10/14/673753058.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 93be6be754246bde3084522aab71f6fecd3c297bbbe94de108e483f88e7830a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "b933bf615ab0228bc249aa5f7f03a51935b26b77"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 7599
x-amz-cf-id: YTLvQO5fFeto8eoRfRR7ipBVgQgJQVpOqVd-VGlru-vC2xuD3vSbXA==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 665800526.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 11 KB
12 KB 40ms
31ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/665800526.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 50f207b7f19e224ba16d57624bea2fde3b0812919d36d540eb99744108f50f6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:12 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1215
etag: "a56697afede2e21ba139ff0df9bc5ffa291371bc"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 11446
x-amz-cf-id: UGEGSrk0ljPBsf_OsC67aHV7D9pRadoH_wCtIV5xUsuo72N021iI_Q==
expires: Sat, 12 Nov 2022 05:19:12 GMT

GET
H2 200 1100824159.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 12 KB
12 KB 42ms
33ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/1100824159.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f058d56494bb6ecb5f065b5300d97afdd769ca0254f9df6ff3c2643c29fc6d97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:13 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1215
etag: "c5c40375babfecd48e12fd2fc4895c0741afaf61"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 11993
x-amz-cf-id: CTPuNik1DEPj4E4B7L1n6EXX4Im4JPFN2gmuAyDLyV71svohnf69Tg==
expires: Sat, 12 Nov 2022 05:19:13 GMT

GET
H2 200 4290844377.jpeg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 8 KB
8 KB 41ms
32ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/4290844377.jpeg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 920392acd59911c0c92fa2b1986b473cc0fecd10c40ea593546625d78c4977fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:39 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1188
etag: "ca77a618ab03528d6c3a75344d26639994c519b4"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8274
x-amz-cf-id: c1wOazz_s4rFaRTPg3hd5DR0HbOH_i4g3OeZg4Ymov529clfi8jHcA==
expires: Sat, 12 Nov 2022 05:19:39 GMT

GET
H2 200 1313475420.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 11 KB
11 KB 41ms
33ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/1313475420.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cf7a90fbc20e00b4b0464140feee8afcbd7cb68630f309c367671aa91e8213ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:18 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1210
etag: "22846a1df17c458bb117cddf21643b79b6cad45e"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 10864
x-amz-cf-id: ZDq01N_4ipQAnelfiDTqTXjrFv3bJ0vUnLByv9Z-XePYj3yIF2ZN-A==
expires: Sat, 12 Nov 2022 05:19:18 GMT

GET
H2 200 3703528882.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 8 KB
8 KB 43ms
35ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/3703528882.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e05b017d3e7d4a47a204ab47c142ac4234b8f6433c1fec7ca12eb7ec9579297a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:27:44 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4304
etag: "554b6aeb726d101c0c99a54c519674c51dc1e608"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8204
x-amz-cf-id: LtqJBDOXa12z7DcMPIKYQPYWl8FgU1wSR2uEswA1ugHM3wae6kdbuQ==
expires: Sat, 12 Nov 2022 04:27:44 GMT

GET
H2 200 1322420784.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 9 KB
9 KB 49ms
40ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/1322420784.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0362c7c13c820d167a102eaedf467a6e161eae9ee44228b8448e331722319bf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:19:17 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 1211
etag: "65d98d6c682d476c2803c2e74fbd3a85ee7f30c8"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8754
x-amz-cf-id: E82A_RODiocSGm_W0_cVu1XbubegEsNcGk__0q_Cp3CM555J5vly4g==
expires: Sat, 12 Nov 2022 05:19:17 GMT

GET
H2 200 3168941139.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 6 KB
6 KB 1169ms
1161ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/3168941139.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e16ab4ed9fe40437f4c24364a13bceee06222e6b489818c34af399a177053e6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:29 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "af90e247951cee269eef272b59844a98d9b39cfb"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 5758
x-amz-cf-id: U5f-AELwoFBX2HwABMyDtTz9MwsBnu4rGBCe0V3YmJ0Tm8IWMxSHvw==
expires: Sat, 12 Nov 2022 05:39:29 GMT

GET
H2 200 3638107410.jpeg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 3 KB
3 KB 43ms
35ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/3638107410.jpeg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9fb4d82ea408eec1c669b79d3afd6254e73c637928d9e6a00b95fbc66129d434

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:27:45 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4303
etag: "dc9a22e8ff4d59240139d246728dab8ce6776996"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 2726
x-amz-cf-id: sqdJTNDICdVpcN5_rg_7ScD09V2D6IoSCaET9zvBqgX9nrikN3e91A==
expires: Sat, 12 Nov 2022 04:27:45 GMT

GET
H2 200 1374886404.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 8 KB
8 KB 44ms
36ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/1374886404.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 77ca5cdf89ac14bf656e19582a80cc893c666123f699b3f656cf4d5456fe52ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:27:41 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4307
etag: "76cfa7ec119871fd3eee2655629ff2a1bcd44ea4"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8086
x-amz-cf-id: 5RhPkFdbBKw0_RO-9wrFyQnwwTop2n_G2QQNkGzGnO9vQ8m82F6cdg==
expires: Sat, 12 Nov 2022 04:27:41 GMT

GET
H2 200 989241354.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 5 KB
6 KB 43ms
35ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/989241354.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7222439fab8e9ebffa41b71b65af793505b3aedf9ebc65fa99a7f684ab069c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:27:44 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4304
etag: "e45fd77512d24a6c7999d918a0d6b7c16cea9a83"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 5544
x-amz-cf-id: EeMoRkrp9o7w_c9we8iiXy1kqzwRAx1BiFSA0wiA1NAK4K3NoEa0uw==
expires: Sat, 12 Nov 2022 04:27:44 GMT

GET
H2 200 1334777550.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/04/ 11 KB
11 KB 45ms
38ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/04/1334777550.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0433abb7658acee84c064fc7f82e660dbd3bfcacbe5ae3155edf0d1040702140

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:11:20 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 5288
etag: "be06a6e65c6f7a1f2abc6a1ff7bd2dfd60674431"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 10922
x-amz-cf-id: js6UajNAtJlziQE6uBXxXeAQvuuPNoTn1ZdfgGE1fEo_Mv9iyYByew==
expires: Sat, 12 Nov 2022 04:11:20 GMT

GET
H2 200 150-anak-kurang-mampu-dapat-donasi-beasiswa-sgm-eksplor-dan-lazada.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/ayobandung/bank_image/medium/ 11 KB
12 KB 47ms
39ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/ayobandung/bank_image/medium/150-anak-kurang-mampu-dapat-donasi-beasiswa-sgm-eksplor-dan-lazada.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 29288d87dd5093f1959a5ef902c207e8a42f419bf29f1dd6f29f952013102b80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:11:21 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 5287
etag: "02610e4b1adbef82215877567e4a4717e561b001"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 11633
x-amz-cf-id: A3ffMKrf6Y_nD0V3y6pFNIcEwRSt7pz_9-N5efMJ73-QwC5mj7sI1g==
expires: Sat, 12 Nov 2022 04:11:21 GMT

GET
H2 200 3240775408.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/ 6 KB
7 KB 44ms
37ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x136/photo/2021/11/12/3240775408.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2cb6b8f952f77778554e7e7c579fd7a501004d82d7e7ea04e4eca03f456756ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:11:19 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 5288
etag: "be2f68e487030f9153e8c4e1d78bf243add3c482"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 6356
x-amz-cf-id: hKusGjCiqgpoTw19H399OtVgWwcKU23MFcdFsuP3SnewW5nER2NGwg==
expires: Sat, 12 Nov 2022 04:11:19 GMT

GET
H2 200 3240775408.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 6 KB
6 KB 43ms
36ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/3240775408.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 80d71b4c8d603c4cc1309b3e86d178d59b596cc40c3268f741e7dbc231580ece

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:27:58 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 4290
etag: "655ec5b633f27abafd9c668c9e6fb1308ffe9a50"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 5723
x-amz-cf-id: f4ydnbNxoLDPWgWA9ITYYRqxXiBCMlIOUJTdqDMILSL2aFHgFm2VkQ==
expires: Sat, 12 Nov 2022 04:27:58 GMT

GET
H2 200 2606911213.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 4 KB
5 KB 45ms
38ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/2606911213.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cbacc0846c5586ef7962c2449a23710778aeac1587563de09eee047ec66ec64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:55:12 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 6256
etag: "0b99408c7789eb27aa12f62199a02f510ec67cbc"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 4525
x-amz-cf-id: rnq1n_7MuLOsqDrC8KBrUaB32QTliXi-EQA5kA_VneZKR7gsed9qfg==
expires: Sat, 12 Nov 2022 03:55:12 GMT

GET
H2 200 2221250430.jpeg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 8 KB
8 KB 43ms
36ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/2221250430.jpeg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28fec4b089c4030bf4b552d1d346156cbea916bd51359cca35466168faad3104

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:55:11 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 6257
etag: "b71fba4cdafadedb9c63eee44182398bd2ccef29"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 8172
x-amz-cf-id: 8wVGxbAu_IMAp2X-OsLW4i6y8k6OOQG_Pm7e8h7e-O0EyIWu8RIM8w==
expires: Sat, 12 Nov 2022 03:55:11 GMT

GET
H2 200 3295563003.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/10/20/ 9 KB
9 KB 887ms
880ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/10/20/3295563003.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4af73c254f932d343b1ebc765d9f207993cf3eab0bb4f72029815730099bce60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "4d6a7d3016e0c07e08bf8a05c80ed589d2b03dc1"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 8753
x-amz-cf-id: MVG2-fcRuA7GLZbtBCDxiB9K_SO8wTHzY5AjqrFcNzuz43yM7SyWkQ==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 1233863941.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 4 KB
4 KB 1949ms
1942ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/1233863941.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a95ae5e7172768b5f3898205a109ac3ebd04bae74beb4525bd68f57858701ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:29 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "7cb17d7f8a416cc15d28e069b33543526be089e9"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 4082
x-amz-cf-id: zIhSfgs5LJWqyneuKiPoJEKx7JCKMd6EOyD7dGkO50nm7HBVHWJK-A==
expires: Sat, 12 Nov 2022 05:39:29 GMT

GET
H2 200 4076151074.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 8 KB
8 KB 44ms
37ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/4076151074.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ed4635a1de11611692ff52e68cf41113f22c62fd932b03d144fe940411b3a199

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:43:24 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 6964
etag: "b5b1d3a094349dae9c4ec94928311979b090c1ba"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 7926
x-amz-cf-id: Up2qVe4gc7GOsr-P6b-31FZBR9NGhgdBBS9iJn20AzrxO_rlT_c5TA==
expires: Sat, 12 Nov 2022 03:43:24 GMT

GET
H2 200 1746534451.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/10/31/ 5 KB
5 KB 1146ms
1139ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/10/31/1746534451.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ad0bb44f279d1249e215124bd930f6e4f1b8fc11b43c9b0a0d05b017f7a73aa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:29 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "b5814f69665e8cac7ddf6f08a70abee7625397d3"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 5020
x-amz-cf-id: mvmedMFFN-cAbBqOERmLbQEP2i3iuzEL3umrfKV0IFj6_zIVNjs4kA==
expires: Sat, 12 Nov 2022 05:39:29 GMT

GET
H2 200 1161690551.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 6 KB
6 KB 45ms
38ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/1161690551.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6487bde3a9c890dfdb3769041cc67dbb433a1963211b186ce9a1e80b2bee26c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:43:21 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 6967
etag: "332257182511ac63206b8148d2072412b8d5590f"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 6213
x-amz-cf-id: HkEvfOqcVAn3MAPuFElITPpn0TgaHYmeo76_ZHB_yj6XApLRR4JKEg==
expires: Sat, 12 Nov 2022 03:43:21 GMT

GET
H2 200 3769476441.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 6 KB
6 KB 827ms
820ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/3769476441.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 165aef69bcd3122ebe6fd3ba067328aa68997bb417ec75da4c895ca7b5c30b33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "b20e8ba5a56b11eb872b7aa121818678836e2e16"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 5886
x-amz-cf-id: rzFLY5d0DuPdj9iWpgQvJUuEqFIsk8wO4LOL0Z1CSislEr9pBuxQIw==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 231000926.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/10/20/ 4 KB
4 KB 897ms
891ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/10/20/231000926.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a825cb7e92291132e11a240ffcea8716cb6fd1efdab52338f36cf17282fab0a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "264b7e3cd68cf36de324ce27922ed6a16d45e341"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 3741
x-amz-cf-id: zBRL9w7pf_M0s2ClRJzlYe1Yvyj97exVzL38ClaZWZnzPVJ2x8aEiw==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 238684093.jpg
assets.promediateknologi.com/crop/0x0:0x0/230x230/photo/2021/07/25/ 11 KB
11 KB 42ms
36ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/230x230/photo/2021/07/25/238684093.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 646be3639caa0fd5654b571f7c511f66488c16602fa3e4499bfcabb93bb1d5b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 19:28:04 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 2887884
etag: "fef2b8ef3996b27039b6daac5dacbf74566b3659"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 10898
x-amz-cf-id: 85iWuw00QR69BjPYeVhhhWHPRs5RLw1ENl3J-ly_2-9We-glStVIGQ==
expires: Sun, 09 Oct 2022 19:28:04 GMT

GET
H2 200 3425904782.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/02/ 7 KB
7 KB 44ms
38ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/02/3425904782.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 81c8b43cee7c75214b0e5f8725f050fcca27f77b113a0d76b34ff5e300107202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:43:22 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 6966
etag: "f3adba68e5764bf51f89e52d23e2a7438ef4e28d"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 6992
x-amz-cf-id: w4KmLDvlzFCAtF1ImZeeKrW9kr0fe7EaTbiRPDei_9iJcMtSP31RyQ==
expires: Sat, 12 Nov 2022 03:43:22 GMT

GET
H2 200 3541757944.png
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/10/ 25 KB
26 KB 46ms
40ms Image
image/png 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/10/3541757944.png
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 601f3257ba4d24201d73a86e454fae42015a92a087b848361bdb3962c2df9434

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:05:49 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 178419
etag: "d710232ea970e71900a21e3539e74d772f019bb7"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 26035
x-amz-cf-id: ZYemg-sEVZmQFq0_j0jggPltcYP7MKXrbIPdNJaDM6C4evgu5qL1jg==
expires: Thu, 10 Nov 2022 04:05:49 GMT

GET
H2 200 3832042519.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 5 KB
6 KB 582ms
577ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/3832042519.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 63a6efd62e4999422af8f9e9654db9e527e827d10b31c453846a54112fd6e413

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "d43b0c646b13d482defa7235531d31969f3e62e7"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 5438
x-amz-cf-id: oYtW13BWMKjzjc613hjt3nhbIxGFjv1s6eMj5Hv2sha_Yehw_NQ2Zg==
expires: Sat, 12 Nov 2022 05:39:28 GMT

GET
H2 200 331046487.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 8 KB
8 KB 45ms
39ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/331046487.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ded9ad6f2098779a69ac67f6c22eb23db9fd70a58b9eb87e2b9b16698c61fbda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:38:33 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 10855
etag: "a371d6403aa681885dea4210d53c9fc294f67d99"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 7704
x-amz-cf-id: 2SF8LZCH--mHOGzkMCKmATSqr4_HXqzph8kPLFJttgVU2giBHZ8cjQ==
expires: Sat, 12 Nov 2022 02:38:33 GMT

GET
H2 200 3688526347.jpg
assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/ 4 KB
4 KB 44ms
39ms Image
image/jpeg 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/188x113/photo/2021/11/12/3688526347.jpg
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 59ba8bea764ce4ab3007bf27daad5d98944e3d1296b3df900afc5b8c027b7e82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:23:09 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
server: nginx
age: 11779
etag: "f722fff0c6e8f29877e3f73e440ac67d78a9e027"
x-cache-status: HIT
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 4053
x-amz-cf-id: lQsa7AEy91GMqMHuumU-ruRTcRcqNn3wU9Xpx9jPhmBWDgomsDZ2Bg==
expires: Sat, 12 Nov 2022 02:23:09 GMT

GET
H2 200 slick.min.js Show response
assets.promediateknologi.com/promedia/news/desktop/js/ 40 KB
10 KB 7ms
7ms Script
application/x-javascript 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/news/desktop/js/slick.min.js?v=86
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a38cf7423f9f7060c66183e74e7e138bed849de551199c490e3a1e97ce291e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:22:09 GMT
content-encoding: gzip
age: 166638
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 15 Apr 2021 16:17:05 GMT
server: nginx
etag: W/"72d9511c2715d0da989e1f5bfe886532"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: null
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-type: application/x-javascript
x-amz-cf-id: vy2gjptk98u0UEv-0HG2fZSuls8Tm8pFWLQh3kAbmldZlxQR9C-AcA==
expires: Thu, 10 Nov 2022 07:22:09 GMT

GET
H2 200 jquery.sticky-kit.min.js Show response
assets.promediateknologi.com/promedia/news/desktop/js/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/news/desktop/js/jquery.sticky-kit.min.js?v=86
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a8717b1c866759c800df22bdc5b34545730d2790473892a4cf31dce49bf1170

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:22:09 GMT
content-encoding: gzip
age: 166638
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 15 Apr 2021 16:17:06 GMT
server: nginx
etag: W/"d61a7b888967697179c82adc5e7fc18d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: null
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-type: application/x-javascript
x-amz-cf-id: 4QlUTZe4LMfpp0Oc6th4qtvb66DAfyxIo1zSBTiI05d8h1P4jXAn6w==
expires: Thu, 10 Nov 2022 07:22:09 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
assets.promediateknologi.com/promedia/news/desktop/js/ 20 KB
8 KB 8ms
7ms Script
application/x-javascript 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/news/desktop/js/jquery.magnific-popup.min.js?v=86
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:22:09 GMT
content-encoding: gzip
age: 166638
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 15 Apr 2021 16:17:06 GMT
server: nginx
etag: W/"ba6cf724c8bb1cf5b084e79ff230626e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: null
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-type: application/x-javascript
x-amz-cf-id: ZUJrAae0fIxecKgJA6bjEgnPmDEqC4zRkeoM37nMNRsxYg1enM9z5Q==
expires: Thu, 10 Nov 2022 07:22:09 GMT

GET
H2 200 jquery.marquee.min.js Show response
assets.promediateknologi.com/promedia/news/desktop/js/ 5 KB
2 KB 7ms
7ms Script
application/x-javascript 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/news/desktop/js/jquery.marquee.min.js?v=86
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9de5a9ee5dc9d4ca558268b7bcd6ead5eaff468a4a13f526738b4e5f65b32855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:22:09 GMT
content-encoding: gzip
age: 166637
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 15 Apr 2021 16:17:06 GMT
server: nginx
etag: W/"14c4877ae18b2930b3cbd1bf9ad4dff6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: null
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-type: application/x-javascript
x-amz-cf-id: SofRHWCs2oXvMC3Yn-c13AkPVckPV2mv4O-3pQdQLb-4RQV6SK1gaA==
expires: Thu, 10 Nov 2022 07:22:09 GMT

GET
H2 200 main.js Show response
assets.promediateknologi.com/promedia/news/desktop/js/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/news/desktop/js/main.js?v=86
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 40da1f2bb18419fdeb462e7468c95a3ce82767d881695aaa0800bd567ed53a00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:22:09 GMT
content-encoding: gzip
age: 166638
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 15 Apr 2021 16:17:06 GMT
server: nginx
etag: W/"7fc45067021f7c9d42dbedb0ab1f13d4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: null
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-type: application/x-javascript
x-amz-cf-id: Rbbl-QXs9-JNW6S5_u_p5Aee5p_xN0TPYXqdsIoO3ZBdSBp5Iw1t4Q==
expires: Thu, 10 Nov 2022 07:22:09 GMT

GET
H2 200 share.js Show response
assets.promediateknologi.com/promedia/news/desktop/js/ 589 B
1 KB 7ms
7ms Script
application/x-javascript 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/news/desktop/js/share.js
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2214d41b278709c873fdb298e1c176c1a8c2e2f40538d1b242a48e7c871611d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 00:49:50 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
age: 6151777
x-cache: Hit from cloudfront
content-length: 589
last-modified: Wed, 14 Apr 2021 06:43:54 GMT
server: nginx
etag: "04bbb0cb75f8655f00d8fa946b39dd29"
access-control-allow-methods: GET, OPTION
x-amz-version-id: null
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-type: application/x-javascript
x-amz-cf-id: TNyM_eeZhXj9iHaCP9ADqaF43h4zXeWDrQPClhFdoMTpmDHAK-Uh3w==
expires: Fri, 02 Sep 2022 00:49:50 GMT

GET
H2 200 rfp-infeed.js Show response
js.rfp.fout.jp/ 60 KB
15 KB 71ms
7ms Script
application/javascript 2a02:26f0:6c00:2a6::7ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.rfp.fout.jp/rfp-infeed.js
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2a6::7ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ddce6ad6d21709d476f1a7bf664d9879ba46ba7d466335fec65da9c1243d99f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdusD2Ql-Xq4XwlAar6m_bx-FWdF9iHOIQYf8N79Sv51TqbKTi13H_OQqkEoyy_M7ys9WYeMB-Ci7lVMVWsW61F1a49c6A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 14969
last-modified: Fri, 05 Nov 2021 01:50:54 GMT
server: UploadServer
etag: "d3302f5893f60891b82d063b10e3a8de"
vary: Accept-Encoding
x-goog-hash: crc32c=ALBJqw==, md5=0zAvWJP2CJG4LQY7EOOo3g==
x-goog-generation: 1636077054115304
cache-control: public, max-age=1800
x-goog-stored-content-length: 14969
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 Nov 2021 06:09:27 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.5.0/ 11 KB
4 KB 335ms
92ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.5.0/firebase-app.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9db819fcacffaf3e9d603f594ce05f8594bcbb8389c59e687c97c26966c2d850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 20:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3944
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 21:56:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Fri, 11 Nov 2022 20:32:07 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.5.0/ 31 KB
9 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.5.0/firebase-messaging.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 21:56:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Fri, 11 Nov 2022 17:20:28 GMT

GET
H2 200 app.js Show response
assets.promediateknologi.com/promedia/sw/ 3 KB
1 KB 8ms
8ms Script
application/x-javascript 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/sw/app.js?pro=5
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ce246b13a7f316521adad2d9a6af151a26d5d8ba56628b82b6afcb44ae4b2cc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 18:43:09 GMT
content-encoding: gzip
age: 6864979
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 24 Aug 2021 18:40:56 GMT
server: nginx
etag: W/"c5e56d09be700d78a72317816b93fcec"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: oV.zEuGDAhQiFo11PQ50NYA0eifmyoZv
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-type: application/x-javascript
x-amz-cf-id: iJf-dcRQZiukp9fseNlAyA_5_LgHOmARQPwnqOQ5UrHdtY_XL9S3Ug==
expires: Wed, 24 Aug 2022 18:43:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 328 KB
41 KB 559ms
69ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M9DW766

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd61f86444165ff69b6a357aa1e78b18ae7f8244ee12a61dd783cef38ed0fdc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41996
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Nov 2021 05:39:28 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 429ms
37ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jatimnetwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:53:33 GMT
x-content-type-options: nosniff
age: 9955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 02:53:33 GMT

GET
H2 200 icons.ttf
assets.promediateknologi.com/promedia/news/desktop/fonts/icons/ 11 KB
12 KB 29ms
10ms Font
application/octet-stream 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/news/desktop/fonts/icons/icons.ttf?jemrcm
Requested by: Host: assets.promediateknologi.com
URL: https://assets.promediateknologi.com/promedia/news/desktop/css/style.min.css?v=86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1517b5246f24efd5abf47f90c676a2e70fc62d28fb0f7e199e249111d4450a21

Request headers

Referer: https://assets.promediateknologi.com/promedia/news/desktop/css/style.min.css?v=86
Origin: https://www.jatimnetwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:50:22 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
age: 7969746
x-cache: Hit from cloudfront
content-length: 11480
last-modified: Thu, 15 Apr 2021 16:16:50 GMT
server: nginx
etag: "1d8d949452407d5b53666cedb753c381"
access-control-allow-methods: GET, OPTION
x-amz-version-id: null
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: q3_5rgS7ut844IAjqe24dmNDtxKB9QbZMBLnvtaUYwcLpx9I1wy-xA==
expires: Thu, 11 Aug 2022 23:50:22 GMT

GET
H2 200 icomoon.ttf
assets.promediateknologi.com/promedia/news/desktop/fonts/ 7 KB
7 KB 31ms
12ms Font
application/octet-stream 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/news/desktop/fonts/icomoon.ttf?i7fsrr
Requested by: Host: assets.promediateknologi.com
URL: https://assets.promediateknologi.com/promedia/news/desktop/css/style.min.css?v=86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 42d2d2f5ca7d4a74d4cec7eb892236bd4ca4790ef0446d15a1cde9d1e1d555d0

Request headers

Referer: https://assets.promediateknologi.com/promedia/news/desktop/css/style.min.css?v=86
Origin: https://www.jatimnetwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:13:22 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
age: 6049565
x-cache: Hit from cloudfront
content-length: 6712
last-modified: Thu, 15 Apr 2021 16:16:50 GMT
server: nginx
etag: "1ea1b32003df3f4a5a29843b3ec0ae1a"
access-control-allow-methods: GET, OPTION
x-amz-version-id: null
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: Pw1vbVRGszvsiMl6r5YCMhG4SIYuF5uvLedtaOX3vNB8EXziShfRSw==
expires: Sat, 03 Sep 2022 05:13:22 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 426ms
44ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jatimnetwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:07:14 GMT
x-content-type-options: nosniff
age: 5534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 04:07:14 GMT

GET
H2 200 bg_box_1.svg
assets.promediateknologi.com/promedia/network/43/desktop/images/bg/ 452 KB
157 KB 18ms
11ms Image
image/svg+xml 2600:9000:223e:f200:13:3dcc:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/promedia/network/43/desktop/images/bg/bg_box_1.svg
Requested by: Host: assets.promediateknologi.com
URL: https://assets.promediateknologi.com/promedia/network/43/desktop/css/custom.min.css?v=86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f200:13:3dcc:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 193b38446d8a920d4b484307bf1f129a98808f0648c2db4a9f94218bc230b38a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.promediateknologi.com/promedia/network/43/desktop/css/custom.min.css?v=86
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 19:28:07 GMT
content-encoding: gzip
age: 2887881
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 22 Jul 2021 05:49:35 GMT
server: nginx
etag: W/"5922facb512e57a5f45130a26f62f0ff"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: or.fxPVvW1_1uZptd.4O_GlqNcXmzxYS
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-type: image/svg+xml
x-amz-cf-id: KPgMrHkYiVeDY30CTC3bbj73_YNZkX8wrDzxywQhIKgvhFjO_B4yQg==
expires: Sun, 09 Oct 2022 19:28:07 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 267 KB
96 KB 281ms
68ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8400307307701650&plah=www.jatimnetwork.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8400307307701650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98309
x-xss-protection: 0
server: cafe
etag: 13474340241825499027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 05:39:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame 5EAF 11 KB
5 KB 424ms
39ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8400307307701650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 11 Nov 2021 08:20:20 GMT
expires: Thu, 25 Nov 2021 08:20:20 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 76749
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 708ms
624ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/jatimnetwork.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

d0dd9b20aab5c98b20919d5cabd078904647d77750bc4da7dca50b8991bd4d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1041 / 665 of 1000 / last-modified: 1636672001"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26898
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Nov 2021 05:39:29 GMT

GET
H3 200 pubads_impl_2021111001.js Show response
securepubads.g.doubleclick.net/gpt/ 342 KB
115 KB 95ms
48ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117754
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 09:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Nov 2021 05:39:29 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 149 B
134 B 89ms
45ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.jatimnetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ab06f223d459bf92034237712de93373f91e9a4936939a737eaf1fc7fae93563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109
x-xss-protection: 0
expires: Fri, 12 Nov 2021 05:39:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 1904ms
398ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jatimnetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 6543ms
373ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jatimnetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 292 KB
88 KB 878ms
877ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3210554376835826&correlator=2162184052257279&output=ldjh&impl=fifs&eid=31063405%2C31063705%2C44754276%2C31060888&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211112&iu_parts=5197741%2Cpromedia%2Cjatimnetwork-desktop&enc_prev_ius=%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F&prev_iu_szs=970x250%2C300x600%2C160x600%7C120x600%2C120x600%7C160x600%2C970x90%2C300x250%2C300x250%7C320x100%2C300x250%7C336x280%2C300x250%7C300x75%2C728x90%2C468x60%7C728x90%2C728x90%7C468x60&prev_scp=promedia%3DdesktopTopHome%7Cpromedia%3DdesktopGiantHome%7Cpromedia%3DdesktopSkinAdsLeftHome%7Cpromedia%3DdesktopSkinAdsRightHome%7Cpromedia%3DdesktopBottomFrameHome%7Cpromedia%3DdesktopRB1Home%7Cpromedia%3DdesktopRB2Home%7Cpromedia%3DdesktopRB3Home%7Cpromedia%3DdesktopRB4Home%7Cpromedia%3DdesktopMCB1Home%7Cpromedia%3DdesktopMCB2Home%7Cpromedia%3DdesktopMCB3Home&cookie_enabled=1&bc=31&abxe=1&lmt=1636695569&dt=1636695569867&dlt=1636695567215&idt=2618&frm=20&biw=1600&bih=1200&oid=2&adxs=265%2C1035%2C90%2C1350%2C250%2C1035%2C1035%2C1035%2C1035%2C265%2C265%2C265&adys=132%2C163%2C119%2C119%2C1110%2C1120%2C3197%2C5149%2C6356%2C1805%2C2423%2C3512&adks=1393834607%2C361167032%2C3540937523%2C4147931562%2C3394477749%2C1777939453%2C1521943947%2C1275808879%2C1552488953%2C2088792526%2C3126119232%2C4075539234&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.jatimnetwork.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1070x0%7C300x0%7C160x-1%7C120x-1%7C1100x-1%7C300x0%7C300x0%7C300x0%7C300x0%7C740x0%7C740x0%7C740x0&msz=1070x0%7C300x0%7C160x-1%7C120x-1%7C1100x-1%7C300x0%7C300x0%7C300x0%7C300x0%7C740x0%7C740x0%7C740x0&ga_vid=976217590.1636695570&ga_sid=1636695570&ga_hid=2104125570&ga_fc=false&fws=0%2C0%2C512%2C512%2C512%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

19b4a722b9a20b883f5065e3a461eb231ee5b33d9baa7970a8a0088a03ca2dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90012
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jatimnetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A55 6 KB
4 KB 899ms
44ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 94 KB
24 KB 434ms
433ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

58d89face2c66d738199d054b81a06a5a3f60fab40dfbd049fa3e63d331669ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24679
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jatimnetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 452 B
261 B 156ms
155ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e179b9950d625d6a3beff62a6c363892af5375240f6f87cfc7f2fb9eb0678e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jatimnetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
442 B 61ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.jatimnetwork.com&callback=_gfp_s_&client=ca-pub-8400307307701650

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8400307307701650&plah=www.jatimnetwork.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

096657e8b35846034725b603adcb965fba5df2888b65fbe7df5953142416228d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 131ms
131ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.jatimnetwork.com%2F&tn=DIV&id=footer_sticky&cls=footer_sticky&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9FCB 0
315 B 420ms
118ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8400307307701650&output=html&adk=1812271804&adf=3025194257&lmt=1636695570&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jatimnetwork.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636695568622&bpp=2&bdt=1407&idt=1425&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2819588366336&frm=20&pv=2&ga_vid=976217590.1636695570&ga_sid=1636695570&ga_hid=2104125570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432&oid=2&pvsid=3210554376835826&pem=597&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1438

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Nov 2021 05:39:30 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Nov 2021 05:39:30 GMT
cache-control: private

GET
H2 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D323 6 KB
3 KB 430ms
46ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js
www.google-analytics.com/ 43 KB
0 7767ms
1891ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9DW766

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5910
date: Fri, 12 Nov 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 12 Nov 2021 06:01:06 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 35ms
7ms Script
application/javascript 18.66.97.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 17148724
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 985c0b2ec44bdebc7f24f26d1e427d31.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: KwdewW3z7TUO2w37KzVNR9sPmrw5jsspokNVB57MkvPU-n6hNULL6Q==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 34ms
7ms Image
image/gif 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Jaringan%20berita%20jawa%20timur&time=1636695570744&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.jatimnetwork.com%2F&random_number=11389211577&sess_cookie=458da29517d12a87938f4f2c4b6&sess_cookie_flag=1&user_cookie=458da29517d12a87938f4f2c4b6&user_cookie_flag=1&dynamic=true&domain=jabarnews.com&account=WUrPv1MFx820uT&jsv=20130128&user_lang=en-US
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 03:11:38 GMT
Via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 8872
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA56-P5
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: 9HqrBv4NejvxiQzKSjSPDlmY5zusS33dcIx_i0o6XBf2dr5d16C7WQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 548ms
175ms Image
text/plain 44.239.69.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.69.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-69-74.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:31 GMT
server: Server

GET
H2 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4CF8 6 KB
3 KB 37ms
36ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0372 6 KB
3 KB 38ms
38ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3EB1 6 KB
3 KB 4125ms
4076ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 69A5 6 KB
3 KB 973ms
927ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE35 6 KB
3 KB 1052ms
1008ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FDB 6 KB
3 KB 1009ms
969ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F9F 6 KB
3 KB 964ms
926ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0745 6 KB
3 KB 962ms
927ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 658A 6 KB
3 KB 958ms
926ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 31C9 6 KB
3 KB 956ms
928ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C141 6 KB
3 KB 2051ms
2025ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CFD5 6 KB
3 KB 951ms
928ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jatimnetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 05:39:30 GMT
expires: Sat, 12 Nov 2022 05:39:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame D323 3 KB
674 B 346ms
45ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 04:03:04 GMT
server: ESF
date: Fri, 12 Nov 2021 05:39:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Nov 2021 05:39:31 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame D323 1 KB
960 B 483ms
91ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:12:47 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D323 0
0 69ms
69ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9SZCEv6NYZeMAZKl3wOk_KXYCYS_vK5mr4zJyd8OZBABIPTr9itglZLxgZAHoAHMqLDgA8gBCakC9XdypQYxsz7gAgCoAwHIA5sEqgTxAU_QOTxKt4GFnx71_HJv0vlyCOKF2Qhu_SfJTgSVkA2aHIbOIzJ4EhZCLTcGkI-lhXBItxpbNX57a8ZjVKHPXXshfITrHiv5h7FSD7OUOsD4g9jIGg-fORO9iUoePEMST1wzOmnwTKTmRqcYmV6AL8n0F6404crfmfxqUqNXUs8_FtrU1P2HqzjaA4Epbp-sF4dFYQhhEXAjD0tYFywCTyHlmLuvBjMr9H86l3TXo8KaHZnj3EClmqUclWYrx1iYlK1UcvhIPZMPnnW8YDbfVDQzoT4s1PC-CslcMwieATA9LlkcZMUrt8DXB7zvtApWD5HABNbSz7zdA-AEAZIFBAgEGAGSBQQIBRgEoAYugAec8rIgqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQsYQL0ggJCIjhgBAQARgdgAoDyAsBmAzzxvj0qgO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTE3MzgyODQyMTU2NDE1MjEYuZod&sigh=NPps2Wy8CF0&uach_m=[UACH]&template_id=515
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame D323 19 KB
8 KB 429ms
39ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:16:51 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame D323 2 KB
1 KB 479ms
89ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:14:43 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D323 0
0

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame D323 15 KB
6 KB 435ms
45ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:59:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D323 0
0 436ms
47ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtjhiVSqBj0EBAgbSmFX8RWeNrwgVjGcJHMf19c2FoIQp4iUcPEtfhhSnlNgrXUty6ubKXuqz2SsixFvWslXx6fYDspQ
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET c5d443f94f59031b290788a54ae3dbc2.js
www.gstatic.com/mysidia/ Frame D323 0
0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BA69 624 B
299 B 581ms
380ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNViL3zesBqpUY-9Sr3ITWYWPLLHK03ZHMphKDnaAzy_-BPvc-1g58i73IH77HPFFw_5wYCj4SZzvzXVo1Bq-Yo3AIV8Q0PvZ7XrmMOy_VArVjVpkMkHyp00nqitb_omICtOE2d1mdUZzg6c1ywB9Vr6DyDk5oQRLuA8pAUMPu-NM_9r2Z4

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Nov 2021 05:39:31 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Nov 2021 05:39:31 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F82A 25 KB
15 KB 579ms
379ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-TkTtg77tbuAA2ep09FKLr9D7F6ZT0lXwciMev5XiSHg98s6WktRjf18OHGC_SLCdk0GgjcpL0r00piBcFjtsP9icjh4RTHHUxZocDYltM6BVGGtcvVDhEOgQG8R9aqLzo9LpNKxsSNYc3oNHgXe-XCiDyQ&cry=1&dbm_d=AKAmf-AzGxoAn1eCfSQQ8dNUeUvq4H8yWpJwX0JpWnWq3xJGygEaVkYLdC5mJnnRh1ZgHUs-c-QKbuH3rJ24KVXtCwD74q58TGt_NnT42MVJWpJxP3LmOSBF2hx6DPXlSsmDrPI-cvYTctlSl7QfHGaq9KAojWUAUUu_HfSe6IuMmybm-Rk7WqTpY_1EOQAJQv1XLQwQTAIcZksOU-AAwpWLOwqQc7hDmODzI78cry3c0Qg8B_B4HY0909lqWS_pbiS1joeSxLdwIOgEQAfm0MIEU9gUVSUiwLzfzH1_ehVzu1S8KLW_kRRCFVjvf_5MXltZW4sCOjqWD56V8diwQwNZKIZeyF9gecd7u1vns_SxdRIl_yI_0Im19ibIeP4YkoavHqMFg_Ok0W1pkDjXEkTkTLDLYojndPq9yd-JXyTGWWdn7gMzBBqdOYEGiKoxBwRrBCqLI5jCP0-hc_NvEuWhx7wgjRVkbmYjFeW1b1jdABO5nlmYT0vMaskZQQhAVdhJR57HNXhoeb1JKUH6cIAfF1t6B6N3JDTpXdruNKxBG7lx_5aY7TuiqH3JTRC4gtOk8Dcga8aCupgpJMpP8nU67LRAW_Ddmc2TOl8lRfwUmB47-xlyf2ykQjsVaVLFljc8OFpQ-u2c48wdUHlyfIj6KvImXpiE8sWi85x7l37PV_fngxzPaF0eMM8vy7Y_tYvAGIkU31lc4c4ZOg77oigW75Zx5SZHYl6-2xy_qVebdly3FXwzr6gSqmEqqF9c-eNUI-jnfgsUNmHr-Hx9qiR7JxjiG49JUzUEF3ZTatqGUb8r1HChooH8mcxoTcFDe_Z4AMCqYsFXYtHFPYN83TDbVbJY-wRI8W5QSyYgl373Yd_uiKDQeP6dB6IcUrla_iXVLbfYl6B66Zsnt81fOeoZV6tw_fOeaQghDf1AG5fWE-e-YAXSXUFxWZV_55loxQiLFFJlH11YqGMjzDw7X33_5btobUki_7hlkLvlPASg4Z94rXwx41N2RTP14cUuKT4vigKhOzZ7HMfjwXFIu52VZitwrVkGrZgToY9wbl5OcyWIS7S9C1ci52aR8NYhAMuY431vZx8J8TueWIwBVpZNNE8Ju9pbpuv5EHr1mnCF5NHw-3MexDxAE2y3B_qCz7liOOqNzoAr-m5ZUmu4ZMIvTxRmss-4fiQbyFpsR3Gvu0hw2nvinbYLThuUbxM59pDw7Q7J30A83vmpzETsJO9vt7A8Lvj-qBBrzuAenrfkxSNtyb4PrCoYPz_CK5UaX_aMjScVdY1IY-B1bQPbZcdokFBPjCDr-sxHeajWUbqAEae-gt4WlLPApYO4hWWGLavYBIab-BnEK1YFFH0Ba45sBPRtfKTi6STiBQOpljk-KoXkFbkO2Q8Z1h4UNVa7YD1nwV9KNy-LI165MPPsF0KdMlwOSmcD2SokCrx0n4LudfBLu8jJ8rMk4ytL9MJ6tiX00DPcDD_hzdn4wYN1mLCyCU5dJzGc7GXVLhYWiysdw6DoHUmw6dqVJpzjWIH7KWN_vv-8bIr410T1vf6wgOGhUeGeGjy4_Oayxbd_lHo4WXBK4YDKQ7CR_V42XUlMAO34k6ub1dJQNWYbF5Z8zcXDlRlJO8K8a9ZUVCcxsOlDDTimOxgMEt4J1lqgg7CNsDUxcwmAt-5w82LLMOibRjhS9x9a5bjNRzZyge7OJ8aOPlz6a0pV6WXYE73pNTaAORIqS_Yb71-qYMRnb7IY87N75SiIhJag6ueU7ExaYjsJBNnaIKHJhsRH54vXZauaHmIsqDomOyy4PLeqQ-Cy5tpbt9Aae_yD_w812PBPDjd0jdS0NJ2kxqfdsMku3MdW4IJtjUgq_TCB-jbwGj7URQ7jtctwoKDCv0PJZ4x6J0U9UpiuMm18gMz8sPpXRFfsEax069H20D-gW66Sn5PnJ4X9oKLiK5YJ9Vl45_KfLgl1vJwctmPdTHhNvpZZqQh_4IVJCQfxLEA6rstiG75Ipwx5zp3rR0QUIcR99Ww7XyNT3IWXmZ2CYdpZLRjZTd6WrCniMZ0GAtGFsZRznqA6uXrlRo4DoAKqf75HnLZOL3M0EX3UFS1bY9JMOjuE7XvacOiy3lVw7TMvwspKZL04N1guLsv6PbSmv3ZHwTtNA3Byl5E3HWpnwRSqeeMFFn9n8JxrbJWJ_zR9NTQ9eSKTqKaW4DzKlQVeYvrfugvbttOeySao9bLEdvb4DyzEALF-CwstDcQocuhWvHJ31wSMXfNBtBMpwBx1s7aQxXU9DlN3nCIffb5gS_OStmZ556RB9dKdeNkw3JLkC9K7dTZco_dhfL44Id1W6UlMDplsT2IH2Bh_-kmjmVy1VUeDEr-awY4-KWmz8CdBZ_NrRlewl0-U7lCvjvvcChitewUdutBAp8ModjJCK2UszaT9dwACj2FcHDNmYNL1kSrQnqh37PY80C3oZO6G2r8Ij9v-ht5pO-1rgmBXK1MxiO0TLu70ErCZSxvAuA75VPbl1kd0NYoV1-xh7EZfbAbHc1TVBS9AtECavW4EYuvQGKVINTBEQZSwOtyfLV2idsPbGweuvB0RJHQ73WwDitLQqzFStdrVJCqMPMi44dJkTdFdLjVMIwja_rbbEimVyBegLSayqZy6XcTgv-leCBYp-kOv_Tc5ySfHVjcj4ZYrWpl7SJcAuObfN_mV2pVnX20D8_H5kqR35n5abHcrj_B226VUT6c40p53e6DKIL-NC61FqF2mzRn89AWr0a1fBi0PrSy9dR2Gojmp125kMIvJYnlkHBvXVTwFgua6M9zNt6vwFMo4manpqvRG6X9P9-C0qvRuroSmRdwyoDV0d0sUW6alpkmHlRKU7_T7qDuE2ku4WyvfmQl4zsWBBGjNSWYDPoUlnZgVKjMAnRvLZf3O500M0HyRYCahOEL-bW_o0Svw8vgT06osejZTaePykw77Bt4x18Lt2e4gEoz_SLAwTsi4844K47QUmHEJK6-SNYLQPNh_gNyZuO6ZNcgTzDphVI1fg-CiYscS0mMvsaEMeCRgxQv-zKdxdw7vVFD38qqS0u9BGKDfW6m-aqCbVT9IRB5K3b46gYagUQlCI7y_pgLdxGZwBDR3qBA1wlmD5DYUfSp7f0HitfJFkIP6u-S6OHY_tXe66EEAawNjn6BCyzllWgGKrVbLFLQoAG82uNLUxoacCNpjE5e7kJ5W7QJLr0yaTtDb6SVe0egTKuatf5rAiQlnm3aPCNr8dGkVaXWoLipjQ8KztEfiR-s39zsruhZeXQfLDI4tqgGO-Q&cid=CAASFeRo-bdjLLePnCdkQQG_hZvb2k6aYw&rfl=2%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3ce2957e5099d5917944e4a24b56f514e1f2e527361515262c6973c60e91e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14891
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dcmads.js
www.googletagservices.com/dcm/ Frame F82A 0
0

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/415630/45225567/ Frame F82A 46 KB
13 KB 132ms
54ms Script
application/javascript 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/415630/45225567/skeleton.js
Requested by: Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-22-238.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fa5f52bea78b97daa45243ea8e3b0db232228298588d59d4e9e9c262c3a369b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:30 GMT
content-encoding: gzip
x-server-name: app06.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame F82A 2 KB
1 KB 468ms
89ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:14:43 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F82A 0
0

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame F82A 15 KB
6 KB 453ms
74ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:59:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F82A 42 B
63 B 1334ms
1334ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjnJ4xzLyqA4ObFfWmS0iVyzCT0AukHBr-DG3wKw7U-9SRJXEAQ_tZdOv0LO7SCXYJ5cM71AzHuWQ2SelhbN4TQyJN7bOUw8OU_jLUqUTUnTGJ6aY

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5B41 624 B
299 B 576ms
379ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ49GPuwIYpdDptgEwAQ&v=APEucNWVx4cdbw4J6JknR0Bnb3ANoj0hbcmxlRI3VwJczw4c9PMpdq8v7Lvze2iKQINqJheM0fmoqZMSB0N_XAim6VB4_VRIWaBAgu2iqbbBEhf45J-NaqJKc0SfkpbD1R-s17P8U3RRshBgztXoDQJ1grF1dyjv4hlOF9WnHkeIkyvA0FFeh4M

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Nov 2021 05:39:31 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Nov 2021 05:39:31 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0372 71 KB
30 KB 676ms
478ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1dp93FCZ8w2OJNsbd3lrqWE0pQX0PiDFFOTjoO1MMdHuLgVjSf6SghunoLfcsvdgAU7nJ86JxQlpxcuIHT1vGvvlzvFUvX1nQ7nRRCFRyyzzYx2VfNCZYOVEfbSZn3IiKz6x8Ql5yFx4ekFDXbWjDnnxXOw&dbm_d=AKAmf-D2e1PUjSaF4IMpQumytI0JQMNXno6qBAH1idUKZfmkBsJu1nUEKWB88_QfPH8iP0-CaYSrhcdKa_VNpQUzov_yyTP6sOxx2DaUY2F-6ivlqzQlWJZPFBuTOp1C5ibH_fy9VRJInlBzmDXwh5aCfmj-fr5bLSObNKUofxUKi7wt92AmbYPmvl4uBYpv2eb0Bhs60PiosHYUQttaK6roJx1ZX6rOmzfLTMbnO_sdGpi6t1zxgVPXbU9lqgC_ZIIGElsOPIY57pxDLN4cvFYdR29SrAnn9G5Y8c7IGuNWpAgQ7YlpQQwmS7ckm1zAnqgHoH22ecxGTY2ueFmBD42HqKcueqNgWFyfOlGljWQH4trKxiRoMavwAzmF19x-PMWPed9Papd_F7LgNC9BMJIVF7kVhU5eXZS-7rU-7-mtp-OW6R4e5aX-RX-dB_JvuB4kkpoJGxjW3SrKWmd1Zk5LlDQrAllIDzpiZHKzi_mgP-S-E8x-HxTQTcLnrbXEzTf0Or0-0QHkNSiel5DnjQxYcLc1mvGRO4yl6SMQSFWyzxwTLWK4OS17oIrBaBxUsok42YDPrMx9wnvLRUPcXrQ7D-xA-B_zlYgz2123dD7L38TzsKrwDTKPjdqY3LFN5o15ajDpPfgaf2MilbedJRGOQvAWqFLhotsE7JSrdGwfhG4mjzhizDxLuB8gAK90pDLOe7urjN73pJw2xjBYy_W4AztwcOYWhjzqnXg1Bwd-reZ1RvXFi3GBgVyNnWX8BTBAPwNBq1xcLXS_jWbzT94Tum6gaOh6nGf8yeDbx8gsPbhQudrZ0sHfB38gbme8xUUMvyfu0hm6THjVyOCV_XmRLOyND5aoJFlGbMYTqmWijH2IPYjeQQqGdE2BjjS33hsgRJcuosNIrrg0Tx2vU1IopeNKmU_lGMDwHrMTJkY1rmqcWuvLo0lkSw0L4aNuA6dTXTqQHxt9dC_Be2ok_GQMV8XYqjMN8WOVt01Aj8qsxSQ9D7M9LimMLTjELYoDBGBIufCVPKuCyCNZg6WIzkCHZvPxHFLwHOm14RfNZazFNdyIx3L1f-05S3Z5j6RhDeszOO1ZakpKVWBh6fIj2c2SAaMAWbhpOHyajTxai36M2N63Ri_2wpEuWi3BH0gvtu7_wz75C2xtkoAKnrKo3ARN7OZFUrDC6hjxwXawTxcA7xznk3cYxEMgkKr-oje8WGszumqfN9SjlTCsOClnOB4eX__xW0NcmWPHAehwLuuJy3DoolLPxDgUFS_qWkUkTknXsvWZ4mQcmKU-nu_jF0MuDa7UTa63JKx1t4Ta2tSSW0H6IzzUdLq1PyeKq8zLNnKEQhM3Ayjv7_XBKyz0CiYz9JrxGX3x9uzm4sQmL7YrEhRoH8f4fDMQ2I11quOqsWJJWm62Vr8A-wydOzn01bec4c8NeqfNWFlKeHv-gCJqqWWPMssjLdZpjyY83Mn1pBEcnYwA8EvGyph2iQheAq0u_sz6kQ6LVp4pUokaSY5Oqv1mtRO1k6Qvr1G43ovsVR9ZTh3SGtGsnoiXa5raUJbl8IBPCA2Bhm6KMgUu20ptDObRY9LQiJc6PZHgv2qH9zCkPdjX7wCa2BXLNECZU1roAwNHUP6P1YeaDlNO_xaFLoH1qYxb0coX48R4FpMdf5T56mec7NBD7YEWdqUfF3mCPPaaDLncO5UfhGO0f-gp0NDRRVl17kTi1aoipPxFnEG8CL0AQeOE5uKkA9z4kpXA7Dj_VmG3fxmmyZD0juFhVVQgCrTyqlT2kFA_Bw0c7AfCV2ppu6bXZqRDCpVoxPLMYFNQHdFwI02UEQeqy-Z4dScLpITgdQBv48tP_dDp2CubrwZeIK7WwNHuhIOCIJICprs6-umvypeT-ZjhFLYNAbpQKKmU4s22b0JYk5-Q0AOwRwJzEJ3A9WqTpWDvD0_bpkNZAkJxgXmHBt9awlHV8VcmnIhpSpEmxpCOfl6qjHMnFXHTyzNIC5VON9WnkQk8miODNbL36ICQSNJJ1TEByOdEmzIpuU0uiGIy7jZINIIRT6n1iAu55rcLxItPLm-gd47OcqHt5zwbfWOlTV7rn-fwayWH6kI-FC4XO6VYM_BerE0isDsJ-YN3YCi-GlcSm0w8Z_8hoRDh2BS9p_j1iHjRJW_qYgtIgJiUqRQ7g8pZ8mjqFYJEyakKwjC7UNr0SPzrjurGsimF7JoTRrUZxEheu4NOBC8hgM6_nHmqdn2foTLQe1T5pR411sGboMuMODZ21p1yq8SGUV7ZGm07k4e7fdVBXlXLU-6CgRCfbziaP2ZdqM2JZ4vaN8Vy42HTk5s4MpES3m89LXnwZ609AaQ4NjUSTtreFys30HjrgcEKtYHUNWyan2fOONuktxeD20zzNr8h3Bzgz420yWfzusFAMzsjq2B9VLJqDU-lEwWiL2GRmXveqNCxgHTX4fIBAqOJu7280j8iiUw4t2L82DhfEa01fRBVBZggkZOK-sGjdE_b3pKYLwfjTpc_o3SV8kz_BTqtk7yNOaVk-lw9UTl3cvkkBV4_WpfMDWBLjeWTsPslBh36sM0EDc1aUXlEXF3QIot2uBnXUXXO0uQSTW-o-dQGrjK5I5Y_h5wUkJ6fGJU0VAvw9QPRr11mwgjb5Bd3tCJbQgfrTmlyWi8A7UcnuqA2ayhFGE3DuyH7PUqfzo1k3LHKLTCGUwowNaOsL4gzFFAL4hOqdVxV4Vnl7BOXmrM0extjpqy3-u5P5ko0yeUyi1VmPKO5nkO_RKYzwWEGc5aBJvoiyJmPOEwRPIRluuvfhHjmcCOMEDseTXyr0jgb5EJKb7SiZesTPx6nWx9hWCLa3IC9LS0nY0Lax-Y1ERoHLeOUij2Jx5E5UDr3O39rCAmFFNy0oqRL9rcGgRhkMHmjH8nexQi1ynhvIoLEi9CHYSop0zp7j6E99OnbvXM0ObQ-gACZu_8Ic5yPIMTyuvbIQ_kPduSfpPALls0r98907lDaL1QokZhxHjoWl_msgeyY75KBsHZiEv7Y1EMluFafkVhHm-kdwHUl9bh-d_PP-vH9ekjY1q7RtJ0a0yTT10Ak&cid=CAASFeRonrgwV5bfhEWU-ZyE_MXNeZ1tNw&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd962c3b589aae816617f974ba731114b852fe68cc6add628ab324752d3f65d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30579
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0372 42 B
63 B 1331ms
1330ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVFWUfvZsXAgHepiOrfig08B1CCkbnUAekblx3BGeZKcWOz5KiTu2Q_zvPeblQ83TXU8t7JQpCGOYJVFUGXKUw3-NI5HJ_QhfmU5DUoik9-GrYEew

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0372 2 KB
1 KB 467ms
91ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:14:43 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0372 0
0

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0372 15 KB
6 KB 455ms
78ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:59:32 GMT

GET
H2 200 18076485150489721097
tpc.googlesyndication.com/simgad/ Frame D323 3 KB
3 KB 461ms
86ms Image
image/jpeg 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18076485150489721097?w=100&h=100

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

08b13e9bd202db706536afa6af63bdf52d90b660021f3eb3297f139d49ceb049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 04:30:19 GMT
x-content-type-options: nosniff
age: 90552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3119
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 09:02:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Nov 2022 04:30:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5B41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1

43 B
894 B

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ49GPuwIYpdDptgEwAQ&v=APEucNWVx4cdbw4J6JknR0Bnb3ANoj0hbcmxlRI3VwJczw4c9PMpdq8v7Lvze2iKQINqJheM0fmoqZMSB0N_XAim6VB4_VRIWaBAgu2iqbbBEhf45J-NaqJKc0SfkpbD1R-s17P8U3RRshBgztXoDQJ1grF1dyjv4hlOF9WnHkeIkyvA0FFeh4M
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Nov 2021 05:39:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 12 Nov 2021 05:39:31 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5B41
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY3.Ew7DfCQSsnJpSKM2ewAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1&google_hm=2

43 B
894 B

24ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ49GPuwIYpdDptgEwAQ&v=APEucNWVx4cdbw4J6JknR0Bnb3ANoj0hbcmxlRI3VwJczw4c9PMpdq8v7Lvze2iKQINqJheM0fmoqZMSB0N_XAim6VB4_VRIWaBAgu2iqbbBEhf45J-NaqJKc0SfkpbD1R-s17P8U3RRshBgztXoDQJ1grF1dyjv4hlOF9WnHkeIkyvA0FFeh4M
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Nov 2021 05:39:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 12 Nov 2021 05:39:31 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5B41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECAvoeIL3VF3b9-LWLx2Hms&google_cver=1

43 B
1008 B

14ms
13ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECAvoeIL3VF3b9-LWLx2Hms&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ49GPuwIYpdDptgEwAQ&v=APEucNWVx4cdbw4J6JknR0Bnb3ANoj0hbcmxlRI3VwJczw4c9PMpdq8v7Lvze2iKQINqJheM0fmoqZMSB0N_XAim6VB4_VRIWaBAgu2iqbbBEhf45J-NaqJKc0SfkpbD1R-s17P8U3RRshBgztXoDQJ1grF1dyjv4hlOF9WnHkeIkyvA0FFeh4M

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Nov 2021 05:39:31 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f9dc5051-5662-43f8-96b1-988c1886aa3a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECAvoeIL3VF3b9-LWLx2Hms&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5B41
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQwNjAzNjcxMjUyOTIyMTI2NA%3D%3D

170 B
232 B

62ms
62ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQwNjAzNjcxMjUyOTIyMTI2NA%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Nov 2021 05:39:31 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b52e3783-24bd-43a5-ab4b-07b733d03ca0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQwNjAzNjcxMjUyOTIyMTI2NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BA69
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1

43 B
894 B

25ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNViL3zesBqpUY-9Sr3ITWYWPLLHK03ZHMphKDnaAzy_-BPvc-1g58i73IH77HPFFw_5wYCj4SZzvzXVo1Bq-Yo3AIV8Q0PvZ7XrmMOy_VArVjVpkMkHyp00nqitb_omICtOE2d1mdUZzg6c1ywB9Vr6DyDk5oQRLuA8pAUMPu-NM_9r2Z4
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Nov 2021 05:39:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 12 Nov 2021 05:39:31 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BA69
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY3.Ew7DfCQSsnJpSKM2ewAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1&google_hm=2

43 B
894 B

16ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNViL3zesBqpUY-9Sr3ITWYWPLLHK03ZHMphKDnaAzy_-BPvc-1g58i73IH77HPFFw_5wYCj4SZzvzXVo1Bq-Yo3AIV8Q0PvZ7XrmMOy_VArVjVpkMkHyp00nqitb_omICtOE2d1mdUZzg6c1ywB9Vr6DyDk5oQRLuA8pAUMPu-NM_9r2Z4
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Nov 2021 05:39:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 12 Nov 2021 05:39:31 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEBwcH9oOli9iHEskorRCJQ&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BA69
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECAvoeIL3VF3b9-LWLx2Hms&google_cver=1

43 B
1008 B

32ms
32ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECAvoeIL3VF3b9-LWLx2Hms&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNViL3zesBqpUY-9Sr3ITWYWPLLHK03ZHMphKDnaAzy_-BPvc-1g58i73IH77HPFFw_5wYCj4SZzvzXVo1Bq-Yo3AIV8Q0PvZ7XrmMOy_VArVjVpkMkHyp00nqitb_omICtOE2d1mdUZzg6c1ywB9Vr6DyDk5oQRLuA8pAUMPu-NM_9r2Z4

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Nov 2021 05:39:31 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b7802793-5712-4a8c-91ba-3420582ddc7a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECAvoeIL3VF3b9-LWLx2Hms&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BA69
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzY2OTkxOTA2NjcwOTgyOA%3D%3D

170 B
243 B

68ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzY2OTkxOTA2NjcwOTgyOA%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Nov 2021 05:39:31 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c8a73cc8-0a22-43d5-a6f6-6302dfed0356
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzY2OTkxOTA2NjcwOTgyOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C4C8 640 B
316 B 162ms
161ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiV9oW6ATAB&v=APEucNUUYxve5lf9Cq54LViHlOYjTgibyQN3h97V-laVbKyrz2UOoRGoc-X41-209dud0XT6gJWU27MHc5TWLUBmCnsu9pa7vX-UvRn6PKaXiBme2xXENmPgKqT8z1G9Lg2Iv5q_fpX0mHLqOnzv6vLdoPR0NeceGU3F_We6ItJIhoRb2obt0sw

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Nov 2021 05:39:31 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 658A 13 KB
9 KB 702ms
701ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dseq4rVbhl_uX_ZScpR3Mk1A2mBF9wRJ3sqprKpvC4Sln6YJk_8oj4ai8bcCe4Cm5ZVnlOVHZkU8sGCjlNUx_ZSH7vbQ1jceeAFNgMYtYtWyHVYPmaecmty7fJGqAqIMLJwP3QdxkStApYyt5sw9Pq3UodLA&dbm_d=AKAmf-DR1FjODv5sb2E9_ODBZ2Xo5D2CgAR_-WAuvl95xyNX_u5WhRvTokrHswwSfMx7HnPBAL94_RzrpBvb3vres9N-bz8brdQSnQ11iffaJ6-12CE0OuIseBlaPc40PSFUly4nNFK9fbzEGr_hsSO82dTj0wKVdhyxc8pQ550mBFfJbO4C-YWu-O_ebXYcayR_1hHDaE0SzwjCizziUMqMJ8BWe6bKxZ_fSDQHvRgvekAy14bnDMkWVwZ2DENfSR1XOeoDHhMOBVvY0ufIbJtkJkX-z4ZGnsJHzGgAfYse935-VgosA-0_j5H8sy-AfaLXA60FOIYRcAQE17zsjLxEKbtP9SfuY_eq_7FeZ6-FiTPDtSnrgT3wZkonJ4TxfsBoPMbPXrZx4VkUG9QF9Vos75r8qmNSTyUp-EHug0V1zWpmnQGa6cm0VlJhqunwdgG7AZe4Zvw_zcg_vgOg0Jo15v_mjl5rjhdr0vO9zFybq_MiKjMt4PMtMPWumOybTUKJvUPhbYuKHbjerSQM43oQjQWPT12TMK3UStszGbZp_bWtISoAit-pjMLkz0JYAPuHPEs4BJ5ljrl_dJmI0qWDbDNCgWgykzd0Y4V8kj1uF0540gDt9cNI21hGNZEtsTW3TW9ZEO3Gp0BALYuQq6i59Et7h9Jqfb5-_jIhNfp5udfxtSy2-XMfR4w5LmEMhMTuWN9BdJ-tv-qjkyIs4m-YI_XBq6QHnocfpyR_uWJaXJnZ8GCjBvRGGzHYI_nY_uGV9HzskE3xiHx_bKbdTS1BJXt1gFs2MI03a868q23VbEhfAPYkwehSwfjNBtgDDdxldyKQQLlYm-ZjP7msXx6HNGpCZFjUdkm1Evews5jh-fpQjU1Ooxh8Zll6HVNHNRjw7EEKfqkVcj1qYHXx6lP0KiJES_5PVmszYozCnyZcpFPCqQXUo9S-FBA7oYnP1W1Ni8zJOVf7A8KMt-dR3NdiimTtKOziBNuFKv1dtyoslhy-8dnCyDo_ZDsLncQ-EDUh47OzqNvu9ehaBGvzKKyOInNITLYocmbYuilq0jxSNsBQ3Hu1VaCx0T6Bq2De-F-A7lxBvu1hv8kUamueCh6FzrMBOzEehojD1oL-XKY0iEi1194KnKn-nkBZ39jiCImObDoSTEkDiJEHQk1-PLodP3AIf-HGLIbBQwOgS6AQtFwMdm5wYIXNTa4BPKA0FY-oWFm4ZGeQ6fYPfn92yguCYkwirPZGQvEO2RwUib7ouw8d6xKZpwFIczA9X4UWB6lV2kG7Mi9i-oRTmoGTHcVS8oLTe2DFaEf9Q2qrvBCtt_XscQWSu0rlcrKCccBepbwyc6-am6AEuIcpdXgN62D9AjGB2mCXRZm7e4nuizZg8cXGFwqmIZhU4J-FiUqBCfqoqftI2pWfl4X-6TOxx8PHC5ipLStwRkebKTWg7VXj10AGDbNfzhW9QBXXnomF7nBkX9toWkdZStHovEpCY4OjN55FmPoR7ev5gdc71m3Lr_NwczHLvDjiw-9MRHAIkU5LkwM2sWs8JHxZ34AgahUFetfpJHhzIS-XF0n_BEiF31DrOlHvZ3GMh5I1jY3bDzScIHxNzCoKFThm-QhgVqyjF1wRs8l__aWOOzlwzzObw4frspDkehZ6x4uou0Qlwm0MTFE74iJwXA_1hg69XmsuGt4xmZPS_K1CZWjJpAZJ-9VG3IMVWQrxuMSzLGqCZJHHGEgtPWm_B36dmykw1DP8Lt6MB-9MZ7efEt7Odngfk_lafnLx9t15PpDxCpjRnQ9YrRkDnir4RmyHj1qAsx6CFsNp735R16SDk_VfOs2M7Y1qFdzlu0lvlVe8xCtFVv35cH5uetUWoKV7mrs14zhA0vMwyKDZD6P3p0Ki4nvDdqiugncj0boulUepjzLGCyh9YNJYa7qu8W0f6SkxLrm0sE3dh6zHW1cYRlS3e5pOrkjqlXdVPXO3KAGRAUzORjqTjDrKa6Fep2AnWsUqXvXHy21U3kOtwpbCAU3yuUoPC3iLM1vDo_8sm5a1WhWvOLpF9mgQcWf5JG4ShoWXn0pQ4TMYU-zkSO9e437mNpK3Nfrhasd8JvCjDmap5xLjZWAAP5ywIuLdKeJL6sQLWhRl0gKTGnE9ayeL1EQymN3SzZNniVw-iJjIIaG7zUbyhVoFEqP-6wKuwFn3FyGPEuzLBVgahwhqzcwvMcsh1dTBT_0zRLGukgmGuNFC7W2vVyMMy_VNcOH6zHtWr8TwKnTMcu8r_Y19i8ri_GO5p_qEQP5dZi4p_1E-8qJtwn8hzetK5fNlOxMUPfR5eJk3yuypaaVnFZbIKaCxkmXCNLtLaLlbHkH9y7RuK4yKI4ER95sWlhe_bTgp8fqE-7mIvAEBXv_dznsVb2rHpGJ3DxwcwOpd_uEm07l0rqoi3B3GbsXib0DihHBDEe_dNwzLAYWNKkWZh8KFB6zZDGb61wW0ehDFRVxVlrvxmEqpmJKwKylfqJ0OMtIgVAVSmxlVXNK02xtdcgfwgoCuaiVfBln5haMzVE92Ev9K8maeiwahP2n13rinyFkR&cid=CAASFeRoDkpc-Ao2wYy7mNJaZ28imIvNRA&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efb6a05401f73e913374f4d4d66f37705457304a0e72e83e6817c6a8d4e20863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9586
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 658A 42 B
63 B 402ms
399ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CaNWHsr213PEb1XJ5HXK-TvjBcHI_SHHEuU7dTPHO40nYNNM1jNX6DWiEqvP42pEqzrSGjJZrdHpXms-lFHJjb-1m6F6_Jn5TffWXyx3Ahwkc2tCk

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 658A 41 KB
18 KB 91ms
36ms Script
text/javascript 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUOhgLHAlmcPMc0UEvoW9k59w2ii2B2q4jCzxriNpDDBEeecjU&d=CnkAoCZ_4CaHEXgekWkQLT9Q86pn211XX-oh5p7n27TU0fk3jj4jMbkuC3JlA2-_zYLALcMceARzHiBCc6hjxxIX4a_DUVfbIWFD8xrv4SP94cIW12k54EBpfG_inS4MQlizIG9CTo9fv90ZYB7fm74z2y6P9mq1LHerEtkRAKAmf-AC3UsfYoX9bpWnOJG0UwX1UEb_zeVnhkCG5zQyO9F8M4hEZnehs959rxpPhlBINJhus9l8sxJHusEOsVSXFXm5TUm3vmNSKClPvix87Uc-EhhL9k2WTAuTyw782CLTdgvwfwh-M4A95Cw7r1vaHk5YRBB_9F04Ma2_Yw6vPt4WksoPHrOrcD30nNe3CYlBbXJD-N-2FHqrjWo686gxRDXSdLCOU7XEGj76o2g2clpctzGjq2RVlFfma6JE2xhk90Bl7ecEO2wqjOPqYB0olAAilGbbw_uyK-9CDC3bVpzmzyhMXDadpcx3wKCmYUSX9e_CsgX8wk5TLtj41e9BLVbBhqu4tBAcF2Gd_aoeLJikPjvE1BkHLxPY0EyzsO9aqUh1G5NQqNW89xT0TBeB-p24LPJ5eWRp6nHluh5lls0BwmoFgaodvlq04RUszhzHl7yFrj7omDxUw-P9lLrmxRuk4fxzChXxgSeG9Nmi1yA1lclD8jw57SUAUO26kzNuAURuY6wODNbHsOT44EKjDnSbpZezoZi_JEzAF2DKjbUk8NdXm9-imyqP-EnpoglhIfPsqXQAVnXZDvavM33cGtcKV2FPcUsCJw5DwYLo7LB8VcY0H79AE8Q4t13fxATtvqHykXaTFjAM9asgdWCi-54UjAITdVkuZn2XFpffdVK-J0WVQiMuDf6VRW1QiQqTkMNZGyhw0aKdO8NmCO3-tF177O1EiMugIZH2wA7F7JWC1ux0IVHSMcSAjXBpcXVWy29fR3v0-aNyrQd0lqRtvBPaY82m5YWqo9dO_23dvxcHKI7itabF49rNcRvIRW76ZylpovgALV85rH0XyH1cNlB2IoMDXj76VOSQ9MuOsEFP7pJfW80WprA_Z7bISfgVVgtOgr2_PtyGPNnzqA9-_H2LGdCZwaIYzN3MueTd5s6LHYhqvk4g-g2R9_kOvKjbIOC5k6_798Eo1iNTbki5F_PTZbvGcaHDFZZbLUMXqaTKynpQrBYuo_AQCZWjBE376indeq_GfKSZj-20uaQxdgWtFQGibCAawRf5-X6gEi7ZSuJd4nn1iWR5v710Q1u9T_B6S3nNIrE10FByjC75_F9oQaKLk8hjXx1kY9Ngv2kvd-xTSoBzKc2xAgdApXPev5QVWhzxaQCI7HDSMW4OgowWM13Ozu0nqCYKWc6RHELUkLsLAwxxYz0XOd5VwNUo6OQ1qeO-KEFRkVliNrxnOM_khyN9ixu06z47lCCJBEHzXaDNZ-Gh_iSVlE5BrHqfpYF5L4dTS_3Xg4aSABJxJR3sbjsgsFEE5gFYcBOnGeoSAjWWKbiTW5Ry1rgIFGX0bZdMr3ZFQBKkqsND0Id8QhTPqBdYi073Yglw9frooH_Yby3xKq2kBUj5RS3OplKBs9BBbwnmK6DzTLgBD0HKqYzbnGHPKOubSgH80_3zoxaohZMOSRpmqL7JDwZHm_99dg5eZ-4-ICYRbhIfgl6KWFaAB8DVMlCYQP-mE0drGmEpJsmNQ7n0BGGYTA4JSLSsl5mw3vDVFC1bRv-Eifub9f_AlBioYQOJy1ujeool2RzyAeOxQ82ts-tj2Lnt6ULRRd9KrSMAqCElXTzyWhgl-ddo89AYz9L9Nj0MOLatyjNHFdGatNvwLmDYZis1SgWtkAXmyT0wrhOTcR00IweIVwgBbUbyhzJud-xXc4uSZmwbQzFUrA6EfKXtb80ZlpaKHIGAN19zzD_iUv5x5PuRsffsHFj5jsNd2AiLdV3OaasgzPlI5rjBb2vfEFXCNBOnE6XSsKwrLT_pr2p1FiCV5gX4R2MPM-lC8A-pvVMwVO1ap9Jjr7h2LAS3maHw3gJEiiPfDqKZZWLcnELgeP1_BmEkPOgDtGWk7vql4OxAyUaymWEvRcaR58bd4C-bJD0cYmfQ6bBlK_BsHw_JjF5DbM8xmLfTFqq5oXfNHJB8zKvTeVl6ySA8GfwuPfYVhYTJqcKZWUm2GugCuo38ZzPPUYLAk-V8MAq1n9nKeswE9OIeB54D7kbgVKUEj7lr52RSq2dHv6OEYOzQtZhQ_rZaOYhnmqxJWwIaI_W2o3vWIZGhhBeZkTnw0in6axsWws1H9yyuJ7Jcj7WfkCgqcjO_7KhRLUhWRxALHIrOnedbiOVNP0_MWCjJG3flmx34D_m6A8mPb8lg18yBVMc4ZybeHzxdpZuRU1AYFCzVXGh9e1DMIOy_AF8W4APwD-A3i8m92CZOIzWc3Ucu6eaBX6gTLhv5v9sL9MuOJHd-DTjSWquNkfWOvW9N8-uSN-_jfNayMu3VGnhXQkIN8IkSi4JW9mWPxBz8gCuPjwtGyaqWtFOVpeV6hQ9XvnF3_DGuEfDQIFF0gbbbHkz32bJ-SL7YkJlZbaZsPPEHJgb37vHcTECd7f-W-Hk2IvI-iM3j3V1RLML421lGErJKqbgfGE4oiIpmB_8snTZJFizcIwTSQbdXNGSO9Z4-U4_xhOxtzdH43PH-Tktdio-Y4fCDSCjoChkOst0NoqfMC13mKuarH_dBjRlKqsLKlTlVBozGe7wA96rr4Qjp9GSKqzaq-c1RN2j7S0F0I7QvhUCCwLpk9URW-IlbtMa20MmjDlBatrTS8qZTFdWLnh9ObiyLr_PbSWJE0D8DKp-ihCEsxxckQdqwvkmm9KT0UJnQ5ZeJ7QPIZA-QqGMLbXmsRViXroGyuTO0rKSJAvjemgPATK6FkB2REzkkPqXdv1aHmwhrJep7916CEKToM9OiVf6Fhczfq4nNoWMrTKXp4y9yl8uy3fNOdyx8AhtzzWILSd7MLir9mZTSUI7XC7ByOZy3qHGw6tomEcZuLbwhSf8--Re7DsVgRZiwnC5IJUESbhcnsj1Xxkivk3e0XM5rLZDp9YB3C2mgl3zPEttEmqUIQIDnH0aiyshYnjlAHg1b4X9Y6yjPN_9bpPX_wDODRFLiSOU8fNoOTVHydXBS7IM626HlaIisFHtq6_E7VP5x5-yCpJvUFvwz-OtpGhkIABIV5GgOSlz4CjbBjLuY0lpnbyKYi81EYAE

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

cafe /

Resource Hash

a431a150f9b64f454048fdebea1dce78b732bb8b82cff2f862250cf19dd8c4ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17396
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 658A 27 KB
10 KB 36ms
8ms Script
text/javascript 13.32.121.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-5.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: cf72d4d19c381c1b2980687c1f83f0eddbd9d37a2cd2b94815158fc342a0225c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 05:43:06 GMT
content-encoding: gzip
server: nginx
age: 86185
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: PUGFR6Z8mbTgz99QYGHnjr-JA7JCdMgvOgprNN54hClwqFzMeZX2YQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 658A 2 KB
1 KB 341ms
39ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:14:43 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 658A 0
0

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 658A 15 KB
6 KB 341ms
40ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:59:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E906 499 B
334 B 159ms
157ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahijj4a6ATAB&v=APEucNWq-G-RkOI3p9oCFdAO-qBMfJ8NwV6ncmEGhrlJT4iRs8bU0N_ESHWIXiPyofRd6vNRkqyYQCM5EJtO3ipGVFMGJSwGBsojs8kAKz09XnhVweGSlVhkXqUKaBjneuyEzno2sn5pNaBRpqofyCr94XrgKilHoGZRB0a_PIC2tsTT-NInPks

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Nov 2021 05:39:31 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9F9F 12 KB
9 KB 158ms
157ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APe5SmTPTGU3-Y3k05KP1QG_48QHbe2t1KyTm20Ru5i_Wof0JguJ_Wm4QVeHWWWQA3vZsnFFr8sMNHw4doR7eab0rTqV89yVx-6Xe5JcYr5e0m5Tzk5SQ27-dmrDt7H_eRtcSSPy9gWwyQhbfqNIo1eeJ-kA&dbm_d=AKAmf-CapCsUBosOoo-y7fze7Fs5PIczrT6sc1USAB2huxV3REv41Q6YDbd9NNa3dL6XZ2-jh4mPCp6xtt5Sx5rxP5edFLIvihBNPUQAhyDzbO-oXF4SJGSN5hGBjI_oEy2eYVZUgAZjO9feGIxBSA9NWXazVQA1kAmOypXjMLihoMkdbIF39HjlXip082KbRBt2RTtll_5a6Zz4wqrsKVl_dbQrmfS1s2czj1jdD6adHxy59SjRuozMZuqkZy0xbDjvzymeYooPbFMFb-9Jwc7Kufr_vSddSMR0SxDtApAd2shMcYtculPGseiDy4h9__o_5y3yMhIPT4EPYgVRQU50QggdxueccYo2RDxElOCAUEXK8IoSthnxmMl8Ssku5v16Vzkn0slTYqrbZPRYugOXLPzLz-uyfn1ZaxKCyvZCZ3HhlNGHzMBAWdhyAEfxOTkTF6-L32dyfY6YSVApCEDAhdI2eocguCyif9NNrRSzhf8H8weRmYF_eEQeBfhBcjmgWvWJRX3DqW9e52wVuFAOJ20e03vEG2WDvZPci9D-qF3seMZwrCIovODacOc5JwsKe_GRuwITEHO2BeyxqnjKLV0asNlEMqxO2wPxb8xI4bbvY2w6G1-McNqPp7U3ou2XZjN7MLSYucgk3juXTsTKYritv4XAclWj3ONRYz2-JXlYqyhBZJYgCcr8IMbKs5jaNr7gBP3T8DTGx_8YotK9z9N6ZLnKIu-Owxl8NVA830t_OSTJ3O73lUp_ZXvevkhvfDpsAkl2kzBuJnCPI27sdFfMEWbFi4cd6AHhm7auczj8LwQwkkAfKbA3G489I3w7RWNz16tkxeAaBu4LWfuoAYev6C6g5d4RAwlvTfDDd6m_Q_QdJPmlOivnCk94Twu1fFASyp-jGyYKSTgrQGYLQH6uLuNEU8fDfNcl6_h6m1CedzS1Miec4xJsmhi1c1waJeK_ZjAgS4stg1m1xgV3-EX_ZqFI4HvGFgtjb979bCtmrin_T2Tw98e3DBE6AEbwoPnMBdm8sf8o8t6rczRhd8gMEFPKqY30xWo4AX3mow2nY0EzzYcylbX0KCFrAAQHvPdHT5rarJ-936zsn-gy2nidz7SdE9EQOjj-YkaF_Xn0oRUQH5qWW7_eiR2e5xIUoJzSpSfwtk06oQBK9q7o8HewlPTLWl4lLhVZnKFz5EKQtuCIHn9QGn480Y9_0C_nJmaPeeQx9sOM1pZiMpAQV4EI2Q2h2afNXYAU_KnFxyjnYa_aVXJrG-nqnrD1fJifVY7R5KB1QPGNEeQDO2DE6Jca5zUpBTi6WstY2g6LRSrHqEhjjNcju629ufP2aCzVRLvhcIoLoJJ56WA7nYGzDJi3xH7KgTkBaufKl9C8RrFj2LmMxVhz7pYF2Xf6Zmh022y6Xkk_uApV-MItqVHno_f4exTh2Ykum8-mLiRRP5Fw3dLtrWhny643o-fXms5zD6efshtoRYBj5EWUaaBMjBOQw6ILQkWc9qw8jZq71nLlyiP1fzixxp9BKPlKHaPn4Yjxrsn2adbTqBPMfC4va_F0bwvz7w1-4FaFABi8VGhYj-jzb3fR6cz2RRtTvpUgv5YbMv6Ci3qQRKs7qKBczKZn435Rzvo2C66dpEr6wlXgf1RRgu7hKQWT8Va2oR0ftuil-_WhPkGCBXmUV7iC7Pnc8yt7isoHj9z_KIbAdy-dJQs0N3IcY0c5blH6GSsbhlVxnhfg_q-o-a3zPxxxH61Ad2fc17JJieL5y5ZXLJizI7IPr3BBpH8IuEByPDC4IlrdwH9JNvk3ho2W4puyaymPSD1rTylpvyv8doNBCX9YHfBv9yjUdm_DdYgGH-VMDJPQqNiP8yISijX2sC-k90ZMB1yKcfVd_R4ip_8yujjjuKQpoyU-J3qBHee09-GCKQ9z2fDAlb0r0LILPUrtmHQHEpBRPyz-KJwn89-_h1UckUP87iQDxXjJh_OWj7J2-44P9NYwh7PaYqDHfVWwb8H-pJ8Upzj26VTPkSL1zkrGYys2XL80tbfF0BpsCiTBeEMPfXQ6I3MhnyoGD0fXMO1rLZfeZLblalWXOY9pYNxorYXO8s9rfLiwv4jfy81ayvgyd5tHmP0m3BV7X8UejlwoY3x_hqPAtEz_dQ_SVgP8AXFD0Ihi9ujgUhNpUBdpCi2xch2ICVrCF0yFqEt5EnQ26LfPy87klBFF4cKMCIreSbVTv4blvb445JrMZtCH6oYb8TDIhU2bvGnk1w1NZPyR5MpK7Uztu_TFr8uGe04-aWpRV8N6mmwZ7CD6m-mumeEKsrV8kZ5NJWBSuP75o-1T8MVWoVcGaPnb7HDEeWRqMiQI3Qilezt0phmZzZqAOmSqHE7JkD_M3rWMDKq1FBhr568CEc7LJkCqYOR54Seu5iOcWKwdls9YSQ6ZHOXPy8uFCLdiAiHPb05Pgtn3eW17k4hAhmaeOdSTSiujQsGVTiuC3ltfG0n7aeTcOY3Br2MFBwUNL_fFNyjckT0xio3KF1Ttp70L7JfD-fnQknPV5P6wRhDvVM7oFzaoIBSyc22ew8gb&cid=CAASFeRoCkM5Pmrmg1pGJ3CisCe08yqEGQ&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf716655adee2e9c90ecd41ffbbf30dfa98bb70fbaa945043444704b6a3f5616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9493
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F9F 42 B
63 B 398ms
396ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BGoo04I_QfcqupdCd9TR7IzwNt6DV-FnOc9RtsDI4fegUEgM2-92icL0dZxzRSLDuFji01TT94yut2ELsDPMCU-7DhewcHi4DDrL04GHETt5r-uCY

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 9F9F 41 KB
17 KB 96ms
43ms Script
text/javascript 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVdL0fG1z9ZZgrNqgj8GIqDyy1D5yb0J_gi5rs44LgkAOUlsZ8&d=CnkAoCZ_4LEJ6HFYWoroNJa6XmTEqY4TUX6Qlcz52Jw6_ppT-RkFRhPAt5qDY0VEuXSaNIyGhQ6l0aphdKBtXBT34PNwgtIZtj0Tu6w02mwInwr94RBm46flCzTxGKV0W67V76MhXOu-CEsp8CcoxfT5BlOBFvRvNBVgEtkRAKAmf-Ai7vOu8NjN6zI_PzHoBgGHb-65CwvPLdId69R2gTUgAfAKS4aXj0DV362RQ-Z5h44JJJAO3BmOG-GCNGU2ygTWae9pWnIuJqEq7vULpCFr4LG8p8iVexjy5SldqmSG1wqIYpJXir3e1z8T4Bp3aaMHXlNCILjUrqijG60kNlNQxNEWUyiMyPca_Nt1gIulAt9EhKlO2r-W4Akpnbl5sDokxCPsUmE58xuwjR3GSaCoQg8-EX-8irKAOcyZouFnqxpxdOpwhFwmZ1vGZb9FfBDmOsaqVH8LTd_sbCAMAPOTwqvpLTBNrpuszyNFrWCBMTm7Zwwg83yRsMbLjHIEAXYoV3_dg4UZauZHiTCPT2WsesJN3KiVnUrqMxhvBv-gi43RiwiMinqoPS59njonB3bOuXSQBygo6JauSl9TSQDK0OIBwl2ctBMLK9s2SRhhLUDS4RAVD6fAfEDJlGdqlG7cZL_yE7DsZqdEv1817AYVli0BwoL3THXPGXKqWqz3vVstbiyy14LcvhrJFwDgOOZ3oPnMeaC8kuzvfIUdUMUXGo02YZFoDGudCDcRAdlgGxhYXzUlWym8VIDXqBLaxRnNZeRRWfr8nhYMJ7pY87y7EEABJ6-uLjj6Wf7yzFfY69FnTQco17R_e4xNA5TjYVIhoybhxKi4q5oIUEr0NM-9tWdcmuXzGRxbH5ruGyxmu5moZrXRFTU4NhQUp1spXXH4I3ZO-L9R8Cx5IYRakDvNT4zuXrMTXCPteYUB_HQFrfWxTiO3HUTFJTOA_k5VOKlcDp1_-uJjI_191NWIQauzvNHdTnfZcerkiiERqODD1IqU0raHqFP_-J0lNKhLd9Wtad3E_t3ZjMMA9nsJ6aG_IAy-S1ahA-_mleLMT3XzWXdeFU1gwaySyHOye6G4dh4L69QKBu3XpRvR6Dzt7w5i4dPw8JJ_FYGitsVTxilcXHziAt1RnjtQqhoM8zlrniJyIO4-pUBgM_Q8UuHO25GFCfUpIWQOec2HjBFNPU8OO505RCdqTWTHlZRvCb4qYXdxqUpROHlwJpnALTgrYRnoxIaWTnONf2cojM6HLrZ64iFSTaGV8nCCaU8LUNMR7Q1SJiFG7w_HSh1S-yxj-inQ7Sk8OOuZKq-pGyFJV1JNtXhfxU8xBpKUATO8c9SMjEyn0oE1fOifz7ZqaFcRInTy1c3X6vWIaQu1l06PCSwXcXQUEdbnOrtjEXBTwLGtxovvrOZcLYCjYdQwMvGu7pNGB_laq1I6s3IIaOMHMc4h0e9o6qWtC_YFgEV3CUe_E20a0MIz9UGBHkYHaTeqwpFXVuHkFfKsGev-WBZDGchiTLEmEYsnk4D0kb1ET0lnJBPEriklCdx8kYbsO9A02O_7e0ac-nu5ksueNIMQeDCl8f_FwC0GnE74c-aCD8yBEUIdrJoIu_FjthKueOpn58B4ZPX_zehYhCDnJq-6eECmtSq4wtCMztnwdqVKx5GnPzSAlUyQoT6Tz5G8Vf8fSTOvFSOjh1pYg2vlCYPqRV9SO4NxxuIazG9e5P5DfUIN0YeNHjYe8jLA7W3VtBvY76AveIv6lJng5Vts1CDv7etEPO6iFV2s9lDmW8j95tIpT7eXqvyVdbRMcwQrSOnsssswV1Z-HWXrZxnY-CWn4FCqsfKBSZNE8jiFpxsWa1WgjrwKw7DGIXkFqXmhdR_9SFl8UlKYqsouXEENt0E3n1OLYggQyn0MLaPsi4Q1yLzS7jqVmkfrLlI7sqTM781tIxaUr1QZnL4--pT6s1Mfn8oaW_OmzDc78qRgHk8t2rGBIRBmKqSivnffl-aZeTiCx-Rl1ceqisR5HmkGwM4R1pp0DG0Le_3w4PWmdxkzZkkubWGZibhElyr5ib6ls6UJTMe2feNcA6JRxGxr6EI-meyHnIKdUROlu-pGX_x0Wcr7YQwcGVPbsBbgegx3LZ171tXSLb0lCmnJvxjd3a_6i7afhTgbEmGt-Fu46GWaJL_2KcjYvKBVXYyymebZkmvKeaoVjSLKqWORQpX0HGl-lRrhYWmcfkK9bouq4vntZATUUji6nb8lWuodan0EwMGWGgkl3fQXwlk-CaUkAZ3ZuQurLX0BoIw6fCniig48_-0aM1V9VNwiI8v7q4C_zVkfz2K6Zx9EzGbmYdAs6XWhpNQDNz905vpjRHrhzkOJG3E71FRc_nbuPHEnsp2GYgWSNHbgqYmn1Bgm7SnF_8o5kHf4-2OvfYd5zOHgpEfkRJRNoWOs3Mew2N48_KUyKkGDmFmJWqBCgK3_qZMMxmofL5N2GmI3DhXXLtAhXokHXZeYhcQ0ot1b2h9w2QO-kNKnE5lCTBG_yJs3l-v6eNRd1_nDwnu6ijTdl6AoUo1RdvSTKJLaI8zofe1xKJyNzuYEXQzyj8NOQs_OcSVlyKyvYSnrF82q-5KkvYXE8aDipAckeUd-BnNY13aTpbNt49msKfm0QFZ1H4xd6FoJQRosDkJYgP_a1TJweVjCMHlrHYedT2srq0LyGKuCIwv3fvbGG9LTZsBjULBGZgDKJFs9TjobYEyxEVbaQsAXO2CKuHdk8AniwlZU_S67edmVT7w2mpltAwTvNqppEC5940LlB2E0co8FmoZ_BnUYfLsc74LHewQAxFswPtCM5I_ZrtbV7LHLx6EcjMzS_gEF5sn8Q_thUti8kP3qmtD1t8AlI94p-9_pXAcz4uvUPDkJAF7Ey3qjmCVFjPGC0Lt_MsZJnNBKhNkzqujcoESe8lh-bR5ptsamezik3K9B1moBllD6WvKvh1dFrmKoJXC4MYWaoLjgh2Yxb8XIuYMeT_nhk9NI-Eu_cTLR580HXkDKRe6cAjkeuOko03Lm5Eo2oG1SMwc33ybqcgCp4CoXZVgWXzlmV-owLK76ulSSKX5OK04h27kf7p-KtumeJxLyBqHtFYQFcY-NUAynsWNiqEN8Ahj9C8Z85eKS4zqRtJVb2XzxBf4fy02lWr1kmZO4mD6mOJn52Qy7kEQ5GhkIABIV5GgKQzk-auaDWkYncKKwJ7TzKoQZYAE

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

cafe /

Resource Hash

3260768a3f8927ae977a7de2e6816c2c81284d3481d9bb76575912ad2c4fcfee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17388
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 9F9F 27 KB
10 KB 34ms
8ms Script
text/javascript 13.32.121.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-5.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: cf72d4d19c381c1b2980687c1f83f0eddbd9d37a2cd2b94815158fc342a0225c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 05:43:06 GMT
content-encoding: gzip
server: nginx
age: 86185
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: N36UAKruUXF3kA6QT5VRzW3U9cJmvc-zMVg6TJpvEVdknI0UQCZO2Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 9F9F 2 KB
1 KB 347ms
45ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:14:43 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F9F 0
0

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 9F9F 15 KB
6 KB 343ms
42ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:59:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9F9F 0
0 347ms
46ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrgMo-1rxiPPtwoV0Ma6nzvismC8sD4ajQxnKR9H-t2UFjLYMhqoh_NzS5IRemCJ-JwF2aasJojG8dvli-k2mgyrffxQ
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 680A 499 B
334 B 155ms
153ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahijj4a6ATAB&v=APEucNVzIHanEB6O_ZXLCirMRwmhpO_kl6fshX4W0yqJE5EfHMQU_3XfjUcR0cbwdVFEt5-lWltdmaisGeWbH-ddfAgVMtthPOugo0MwAzYAlFZ_rS3qTM_DkoyC7BzU8zVZPX1FvEvCe9vPLa2XsCERjV3enBLzxW500vBMaSluWFEkp2UqwsQ

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Nov 2021 05:39:31 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0745 13 KB
9 KB 694ms
693ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_rsIinqen9yPe9_5ffFGAPtZGdTESly8Knv7F3LqkYDOdop2cgAZzkBr0QahZLHjTE9-Fi112dyPWLpHwNlNPyxjsPHLswTzfXWIuELdm9IFSZ6szBtevPauoTS-l5N_wBg0hyfmF0l-hA8IZcHPROpQplw&dbm_d=AKAmf-D0jKbh750SZLj-ysA0UMQAxAe8RUjBYeymheoFiYFp_pw6Ofta2YZoLrGXWJsapDb6CLMXFkkqqkm0ifkuR_uBDcCQUdjQc0agzN2SWCvm_1HakVzwCc-CBUw4NI3mwoHtjtzZBglXM3ticD29cxlJLZgH5etx-ljQspTmb9Brbf5W4FrZE9m8EGua_eEjh2aX2d5dAwuk_Oq95cGx4Aa1cS5TUPOMrMdJPsx_XncwZdPvvl6uWnlPw6-xvkNqOkn69gaDjl5nMY9EbdQVf7dPI9jyXWTahPIpleGvbVDVUEgDnoIkSwpM7A5dXgf-bp3UoHEOPOpv-d8n6nekSPlXjhN5AHfWU33j8XBNfRJNm2WY51mjNvJW5yPEfee1nKeyeM7NPxSsSYMptBAh9Oo_wT6-mgcgQA9VyHhO-DDDdBvv0OP9pdv4SRAE2ScRicETlTUhQ_1Tk-Yf4366MUDZi54KxiHB8SkgmRZwdpqJZqefnnXyoysQhf90qy8ee3C1StuO3vLZariWdq9JqzFkGlHB__LYejQwbn7sWerNBOCU3iBTHEXC3C33VvbAvKoKZbUyTUwjH9bUpG67ZbLOObsOmWX9XZusXxoyRpDPH10FXIH3iKQMo-phbzf2LgN9qPmDesBinkjPXnYelJQFTwMdG8Kri1T9n9ra_qSUVf4F3_Z_BSCjUFANKhNY9eQyGauEaqJXTyWCcuYvD4sDWDWt219-D6edLfUkIuA6AGW6RtIBlz62o-8DRzjqIXUKSWxhCP6FWCimm1BSuZubXEQx8mqCT7oXiY5GgKmUupBlq9TUhuL_hM5hkZfxii28EeFkWgi22xmGv8UaonoCIVShA3vVHmgj_n8tdfLTzFy5D_3jRkabAmkQ5FGMQFvGthvefGVfS_WKfkThO-95NEPmrU_mYS4cQT0e7kGkxgIo4LJNi0w69jJlfqmAUk5VhXXOw0I5aXg-JU4B39xBKbLDbIGU4UvjwuU8hVKHWeqCJ44S0tf4_jWzJ7s3vQh2RWmghWNcbl47cyW6sPNtFPNxLtv365MVubYmj0uctqOW5UXkGgP2bPM6Xy-v4ntZemD7hilk_XtrxecxANQ9EKNaxEhsAWukXn0Jj581LBE9u55w53oJ7qQG-LCsOxKT3IeMt5jHmEipnVVf3fRc_MA_sIT3MTlsDvkbtcSfqtrVLulA612iA8TYMAbTcKfjr6Oc9s6cTS_MlCZZ753B0R8j8W2spIEuIG43S0LT6ydITGw9EOH8NJF-Pt8P27-3zH5YjiUGvdpVjvMT1-64JBi9tjOstDKv4ttio6Xl34VdrnvH7aB2UrMiKzBf_OWkLaboy4AMTH5vvgL4wGJJ5Py9R5qdFlRfn8iEPkTO-ZR94C_K3PKSvaz2YA69LOHHhkQU-JZ0BTb3TMxv9cNfSHmfaB9sWOZLfhfZzChOe1zeKNwlflevvmSORhqf4PX_oZMkSg7nLxPqGQw2tHw5QmRuOurl-U2hYe56pWrjnlHRHaLLtxyc8EKcPrCiRJ3NbDyc5i7NIw9w-x9-WAHKCqGrhvMnlzZfB4xB5aby4_JFP6b59BSlgU4aC5SSNl_vCpQzcRYhUOiGOxCZPxxBOSmcVRKkauWUQvTMoRzKRxH4nYWrVQZxWjPnBUcyVBqCSqwDxG6T1ZCPx8oOgAcdX3mryBqsgHVAcdLty5Hvl7VQAP9_4-dvTay8W-zYGU7d4GkQM6_poX7ufO1f5B6aVI09PJMf8jyi2qYd1cwa_YQrMs2YlYOWq661l1Kk4bHBTPxBH26FHVO2c3bqSLhZ6CHh4GFSId6oDspTQCMV8G8my16G1S2a680Ezl-c2p5m026r7JHeBHU_P5VUMJsWKtEB1JRoGuNTOodkV0GeaIkt9v_r0w1qP9aGlI9kWc6uGIgCrZ5x02vKtqkmWCrQHqpUsALNMLEN6uoko6V5x_-lhrcyGYPxGBL31ZCUqvDiqJ0nhxXKER3KJQbV3Y1bfbLCV91aATs8BE19Q0bBF-Z4prHMjPB9n0UhEzZ2r_5lQqAfsVxXkUSDwUTslCHX-6Svl8LUfSKE1c8kzczw0_pBKIrbdhvs5sPjQZRpTehYLwFbVOsMkTURZmJSKEvoxuP644NEb9QYKugtYdngsS6AqU9WN66yu1x37-N-_iUbfDgSBRWZNi09yQ-ldDJ1oD5dofBy6lm3l9zO76uVV1o_n49yhYGsydf5W8en-j61jPeby78yICzOflfeKUyFSFcF7lF3OVTzImRpax_-8I6aX3yYTuQOJg_wj3EfhRbJ67z7ocNvZYbtocv25b7BB-30O0oW5h3dxQ9iXL2wMcTldJ6-kq9VU89a0BPojXYoWIgSbAFiDtQRYtPWfRMfOpbr278f_RiSbhyDvDh0qlGl5IhaIuePh9UvNZsD5m_3LVgSYd1BGt3zmVwRgR3k8bsD6nlrkTLp2MjHUf130YCHH72jY4HknnhSvro6AMa0QcqvbTwOuPPsBIOPm5B9JQ1calmZRheLKbWddhNK2Z42sflQRu_u9PGvaQsRiSptipLu&cid=CAASFeRoBnduNQPAsSN2cA4RhF_AjPTFbA&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

322a87a091dbb9c5da4534a136c6da3db16c9d948f05d6e7c336708282055b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9655
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0745 42 B
63 B 396ms
395ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cqeclncz69Yl7_Dj7TvFHLcrONchavJStvoJFpJ5mrQNiEcLlzO1V1P-8DT9RLHaHKlkZcQ7X5D2DBjG54fQIMHNjVS7xAOVM03gsc-2G08lCnbb0

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 0745 41 KB
17 KB 108ms
59ms Script
text/javascript 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVdL0fG1z9ZZgrNqgj8GIqDyy1D5yb0J_gi5rs44LgkAOUlsZ8&d=CnkAoCZ_4GxqyaEqzPSmRMHuU7iElxdIzIspFkrQkATARadWJE1U5pEpRgTJZgQk-uku7fk5wqMriJhYp7yS9s_6FEHh4AEhu9ByiiA2sUIswyhysSSb9pvp67qeQJBBlh-SZhtbs8eJt2WQ7q_aP54lQTTsRdJWNqwsEtkRAKAmf-DcnTV-Dz7LRFTtHCr00Vrwna7o-OQzU7GvPTBUQkIeo_i5T4jpXA8mEZUCEuT5uynKTAR-MWq88EbtTJY_3c0HK2XqZ-RyPtChrd4YRXoZ73NDP3p6OmHQl-y61Av96r0X90F4A0ERcAQllLQb6c8XLJZ5shRW1I5CMTv1-QRCA2xh34MN0uDDI6006PBLIEnV7IJ9ynKSSiVxIZBjtTmSgvHKCOJ4_Ktj4PHxKwkzzP3zDiBGYftid787f10ABo5_MZGg6KrddZx9HKIMMc473zZpjwX1dycnfcs2H6cJ7Y993BRbjKA1pmb5rtKprV9qd3TUpD9RuqnstKFoJiIpUxQA3SoBJMwYI69uIMXAUq1bh7G-gfjDbyg-52sPn0lnWcxTW4kqcVgl5LkGlUIoUdVzA2j6HRiqips9gcOBEdGm33g9B2-6LXHNEhhxbnvRaevNkG0lYOxkCrQ1r4uqdcy3jqpxDp48iV6XA0U0lpWeMJE0D6CT66Eb_y7fA_HVh8ssPAdjrNxByEKE0i6T5ZmcrEyOcpFmRgG0yyHvAzKLCH1nripFvcj-rIKuMnhXncLOTbCqIF9gi7BIiFrJrP3eOSrC6ZgWPDNVpgoNghu3M2i2bngDIn12mzpfH4ZSW7NkEx0bcbVECVDlHTOEGL2N6u7L9uE1Vl8_piAYXRrQLotI55vT-rX1d9P_4s7urOqoIVLHrc2qQHCxTBINPGB8jAPFqqhJGxLUir67Fto5pHmtRXzrc89jev_C4ANudM9gMDyKUt46IpEKnm51aa55lqPKv1SfoWg3tbnV8mJNTeU0C0We-syHtetN5hNas2J9GMgCqHGx_9cWEoeSdyYy7VM1pYUI1zok05XGoHjqUPjmZTwZhq9etcG9bCJDF6XQBlnBb3s7dvAjeFeTDpfheFtJ5oURPFITHkozXhDyHQ_8c1SJP9najzWV8Yb_t9wSsPyny_vb5QmLuVlJQAdU4LBJNcXYCJuyOiF_KP5yGph5zYO-s9uNIJTwMrFHWRHA8DQuuMQq86IBCf53T4gSD4ztmmTvhlMO-0BSy9kRoLWLLqVJBoxBjIrl52hFEG4tMzmGvtK20ZUoBXfBeYsgHK6IvfDgwbgUWotgEW30yajIjkiCB4iO6kMa8I13hpDf94XX3dOsCEtHGbyfGpYB2CsbjTq22TT5OFXoWH3MAMIzqnQh7HQSNSVynyJrjhqkMWgpnBL9CMTCHHPKTQdVGXzcAoS3avr8sAEqOyGSHqGpah9SU2n1lsZtGuSGUJFi57oGSR4s5lkkfgCM0geBxzsl_Gw3zbRTCKYpDoM3E27C-6E08c40HXXujhn7s48pUNibBOKKsCL19zc8VrwSfGj1uWRMLA5y9P3cnF2VyXIgmqDUZJiqO3APnba5TNNBw2SQBWMaj9-i8kIcKCrLd-O8nxURTzPciUpH6OEEkJSQmXSGK0JraIoyGJtyChjkog1gIvPDotBVCJ9epVg-8Ijb6nDFd49oCultyOIYgp_Wy2T4Y-3TdrkF_UnhMbMBOqCP4G2cUsAncmr1Qa4j9MGAriGQbrYPJi4IxTkX4Gy48hKAs0UJeOSJ7hbpi93fzbRDFQJGzfzIiVINcij_1MdD3UN6YdPcsCvbnJPWwetmXU6Icw3sJnHV4xcAkA4roVrpci2WL713Lo5f711I5ZSWMnS5EiiEIuZfO416ZAtrzgadVDs5ZmFSRIel_Ia5rQI6RwSHw4mdyVdkISjqNyShlS3Ev3cysl7t5_AQ51F01hFbocl-AJ0kPkP0AXrkB-VAs_hsPi4_HBSdW6WZFLMN-NlI5YMnfWK684LyiOfVue0dcBvvBN6KtXP0zCz4XccqJqS017kqI8RG8bEk0FNpNmy6jTCmdRxYwQwMh6mz1arWYQpRzG8gIHQR3NNJEClRTX6DRCkQVV0pRj1uhaF-nyPe8zfJVGPA2lT2Jak-R35WL9ygDZfUNoXFQ8aX0BTtPee5Ktk4Lsk3NGgTMB-4kS0qPTFwPyeoPtmI0prNSjs99NFDcfeCiyAg44qpwk1Wyz4wLzBn6ZEuDILX2hH0QUDf5JIJPSN0vA1CndfhOAF9j1VdsHq_PFvIDZ_8B6a-87BpAaADRaDGNYLABl-bGkO_ZJpf5rOzu6g22fkzA3iC2wHAHjoC0ii6TlpVGGgQbpHBK8L-M-zF_t8iqslHGGZ5efuc8ZM0xpxMO7IFx_gVAzse0FHYwmN__OLDpukgOR_fvMjh52KwTGCtsM300t0OAge-AFy1q3P_WZrXcPh5CJgOXW-aDcd8DilUrs62i017Ccn87gptloBH-nYxaRv-pg5FSpqExfZX8qhuzk85fVrnTDn6abxYxyT-mbGREm6khNQqBd-0DHoKMdN0dcRFjw8xCeAk22gPU3jNTcUYtxFrMZbdvXANir2jEmg9UfQqpaYJdrHtdmFgFCJ4TygtmB3VdjHFr8f75sPLXmxcNwZlcJgNZnyV1PfJdsCJto8HJTyakSviOr91PZC5hGs7yebGnbNLcLkGiCr5EJFmKEtH_WFSV-FqCYuZzTBqw5_RdyH6g38MfohrFq4XWiMCsvPV2EZYOQadeSjLnG01PCMYa2QCCzVEUQRJQX4JYshMwnrCykq9dNE9MTJtchnYPJLX1xI5A5LRLF6gcY5L6iXyZhX0WPLLzweEJI7qNxcV5pvj0OCadbWxQYyRpaiogj0UeFKdYcFf5aFlawRNZ5N782xOhs9jobagcLbiDHUcsLFM-Gcn7xZ5syYD8mPWvpnVoLEUdmS8F-216dJOnOTKvp0_XMMxTkqyxDT-tBXrp4pKvOHHFZPr-MJFNGxr2oPVN5LWdwU5Xd25y1-fFW9kXcflK7l8ULHloHKXcd15i0SRDuMpxLwAV9nHKL1BlKY6UI51vikuoglFmVJrguMP700fudwHFZBSpwPV-cb7XP6FMO1xGetHpHBc3Q544-hfOBcbXa1kvNVoFhIhylmmYDVIpc9bWSGoGhkIABIV5GgGd241A8CxI3ZwDhGEX8CM9MVsYAE

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

cafe /

Resource Hash

7635ce6065cfa918ffc7cae1d64d3efa92d05f55659d822a30b202226f0c472b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 0745 27 KB
10 KB 32ms
9ms Script
text/javascript 13.32.121.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-5.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: cf72d4d19c381c1b2980687c1f83f0eddbd9d37a2cd2b94815158fc342a0225c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 05:43:06 GMT
content-encoding: gzip
server: nginx
age: 86185
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: FkxWDrJCdXh_APg8FSRhMho37_mgJbq1sPa7W2bxchDgz92KwCnusA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0745 2 KB
1 KB 350ms
48ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:14:43 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0745 0
0

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0745 15 KB
6 KB 346ms
45ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:59:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D454 499 B
334 B 153ms
153ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhitgYa6ATAB&v=APEucNU3SMtXmpd8Wu2ptFbskhjgNzwmuGWHu3iUaYA-G6xfIl4_wqElXHNyTHFwZa--1e3ePUbynGEF7f6JpwuBFZxaHZtvrPmzwhabRCvqnvzCeuecslJ_PJ0Z3j590KTaShbJWP2y0u0NE1ZaPA13yoWMpuwQWEN89jh4oa0G1iAuecexVJc

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Nov 2021 05:39:31 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 31C9 12 KB
9 KB 693ms
693ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkgyODBwieXVSLUErEvjyFPDQXsCAHOXEcmjr77-2BGyox2x-GnTEpCoobVHCFiMaUINLFpQijD6oAtGZMFZ6hZqWlWevu3d7qE9M4Oi53h6x06EFTp4G-ZvUxKPUDRmpZtfTKqVvhdi8eRYu7At9X_ByFcg&dbm_d=AKAmf-A7vhM85GF6sHXGnUzwzfUwCx9N6dTsYgY0K24t9OEr3yKYB5_0gKyC4_Y4T8VUpFhDN9zRpApL-g9zs5MTJUX9IRZcsbt86wNYldmu330w2qkjg0L6qjIcNxPb5GTZ5UvlsG4iAiayE7Epu2gs5sRQ89EhfXsv3i0UvUpYNGOlKshUQKjiD5u11Ez0bXlafcECeSqLoX_aUiDRJmHMYWNP7wNlY1quSNPM38kznE7uHyMpbHekKMQ39B_xLSR1GDRb1r3j3DB0d79kv_3vBCHH4inI3U2rBIsLVJ99cEcAUtQYaHLOQo_qNpvOuHRATyDdOUnQj8iraZpm7VRB9wEeMUdkCZHMYrY2sHHq2dCx2zsCbrNCVAZWhnPyDJcolQ_mDKqopNUgkG-RzwrU4Lw95fskVdZvcpLxg2JjvG1jjn0LSzGymfh60zXtFau7u-98PpAbheCr4d3bOOOWr9zCvPQBhvToShN8LfJlkTY0HYKjsKQ0lBn6Mfs7bhTets50h2MbsGeVcabY24YOGkxtG4uwGAa5ucLuHGzkkNdAsBc0PtEQ1EMKX3qcYboG2KF4RrcAwn2ZBpQihYwq0OdiHVdAX05YbY8twd6snTrTUvFb8riSdaH3UWWzp8fsgh0Q2glZq8PkF5l0vOnqiMpiqUe9ae_iiEEsF_2-HzoCDDfiXT-Cw8IazWIcelnD63Ry2RWh5Z4Q-FkT0CRoGzXTdluJ5RLGzg9hOHTOLEy_jcGr9Erm6Sm6Ed4YmeodTPRqHCuMY3WSPpUuzCQudWMnRt0DIOpInr5cvgQFxRpNzotmnCS4kkKSDtmFlJZmJbMaBhB3SZ5jqudqzHxjdhUt6a95TMrAx4YUmUoTfQftvNIUf5FQB5EDu_tZZbEOuMNs3mlPmpOsWnOjHwHtogNKLO1O7e_gmA64h9BQantwhDGmdScOkEWwoht13i5jdldH3X0VTekrOAzwmkiVoBv85bVENMw9i2ev1hzAVhD5mYkYyoPAyTBvZ03eMZQH-avTYuospk5tROB7Z9fA3rUAK9OppcSvTwGtXjr8KLLftBvxIdYfRmEa3eVoYtoqWFKcU7nD_Vnj4RkxFdELDKJ0r0o9w-X26uEKBDqITE3CQTP9DP-psCstnA84Pce-BkcYhokEYUCu7HWxPbzpxLo3tzEppjwapEXaIXYgd8b-8-F2G7sVrEWJ6cmPmUPVk2xrZl9b2to6VSWN6hEu1uEGPwBfQEwsEcnz0WAnLjGrfEh_Yl8opiF_6W4mc3mCrPX2GQBJE_UbFjzSB6B2_X2CU8dYsvx55zJRsZS2cOaq39FVId18nBwrGdcFYoqkZiWvV2vbFGfcINrhiuRW0VbHOnpYR9y6QEJpodzZAXhht_WTKLFySEiaAH2ptluzA3W5g8zcyqIvIjVg_SBa8RMHpQI_ObTH8DTtlNn7OL4doBHocNnMjPyWSUQNBXUzn0fbITE-9XEY9OdLtEVSqdcJCNZDByfsr7M5zceNuGk0PKUxBW1cZ_2Tbm7_JkgFAc51pf6OjtXu_SkiFRJwQHWv4Bmj9OjeKY81gSa24KHCrnrGihMNaHOPJvOVehi2HZiHRxHoB0u-PLKpDQJNe_u3Zwcb8gzXpuRQdPnPmFCUtNKCdH_Tqs-FwCvm4EeRYUixs7g4Wtn4xMQW6sUxQ5UyIOSCdyugCMBZ6hXPdIzVHhfdwp8mxNl2Ry2eoyRXh7jQ-z_wGQyl5PolFz5A6G9dq2qXAIFfI6E3UVymTXy0xFrRo7rC5cYvnt6BjCpvwKH3nlwUlVZnKewPZ5eQDUP0qQlUpWlGe69X1ceFAaaNT5Fxi5i3IvFb1dLh8qYAn8gbbFmIT5ZS59d0-hpyPpkDuiScKfmkKjD7GvC0MTfjN3m2T8EnC1t1-0AhduXLiJdG65HdEeKAkhwwD5FGq_-HC0da9rmdhYO2Gr0C2ucP9CTn0nC6hiyMF9EfW_vNA4P9GiZ7u46ZwlqGIS622QBtr_iF6OVF1U0nBP4LsBWRxyqOGWNAHCEw3sqvlvlACpzI4gVjVHDzXPU2NLF8Z5DRG_8E-i48SYjyQAgP8XLqS_0BTFjTG846hFssdrO0kigYP-mDvrZqyEr-dNbMD7wFgf8ukMgwS2BT22V7TGtbHdS8VwR1cz1O12ncPHAxEtAU55IVrBtFirlTbpZlbTUmgOTwEO5HbiSlkBZxl0YLDCmF_sPeLKKA1ChGVthEHOSHGXDSvcWbdk3JV4LM47Mn7zywfqSsHjeUvuhMO6Tz6m_hJW9qqxNzCLNtCb9CFUUg3hXqlNRmdTHCx0l32jckGTJbUn75Yytygsdj0BGUUUWLfvsXe-LyQL0Gd7pSLXeiihMTguJCKRMxHJmIjaMK0oWK0vhz7Jl4TcFQQP0ijgR4cqnlsDHgEb6J_BDzvNQ8yXFSqk464EGor8vdRfrRVZYWiz8sYsrlB3l289oMOuvPTtnKlzXq99GqpU8kNpWJfe24a6hfNi2UwFdlsvyLkvfb8BwLq5AOQ6exXZJ1fyLMADA&cid=CAASFeRoCzFgJlpzlJ8VhCuNRAFqb3zhpg&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0a9ce4209693037eb4f496ccc0c9811e401c0f310ee1f93a36267f8cea47366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 31C9 42 B
63 B 394ms
393ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0KpOiS4Ajr6JeEy96N11PAvsGQXF1dyH3dvk0Fd96LeustEbGRV5MsL2ISm3b8LEVC38lsPG6GmINVG1OH2dBbEn6F88SO1B9rm-__lgEfnWGxA8

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 31C9 41 KB
17 KB 113ms
66ms Script
text/javascript 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV5ov7abRbc_INaa8Cy2nnVNcb5VFBxo13TTxPG2j_HwAcGjIw&d=CnkAoCZ_4NQ1b5mTBhLWuuWkloXSk2D8JJMJVNNiitxehgCwuFXYuiQJspQSL3G3IdcMrDXToF2nkR4YpNHm929Jej-ewFmZVKEa6V8FIsv_skCdmTh1Q376GFN4bzs8T1PtOo5VYb0iVYVND--kIqeLRTANjPP9kqBEEskRAKAmf-DOVXw9HYqLhJEqVw5l_3_RDz3j3MJ-ONfMMCoWhkGJ3h9CvDG6mZbBF7neSaVhmGqYY6eor8O7oXwuKBeEnByj_jqZM_OYJtOrZZ77uBwv-XNyqVXmrVLjIa-FMKTWhrSyfikmRXX5Tm8Bet_VtVo2zbkmeOTDGBrv7pWURky8-B0_xf_n9ieh0clgiGemQFIzrM0dWCkozzIj-SK7AAz7nGdWEDVhxOV6xs-cnCmzqbws-Lnaebu14IMVj2F6KbFN4woMsBChkFnt_QLaYwwX6CbtwAf3D04UkuSkz7rP3rWpoSPPLVUcBdLs-OEh_suVRaJYDdE6X-xt-Oquvud5VawPx2CzupfF6jxTBm1vpP0UkfSy58X3E4TMrQr5-6ESD2lgZq7Csm50kFrtr_6C2LFs5tcLOX1JUWuR-A1dBcp83oitFf6BqvDW-BQTUIGdtoOtCHKxIQvCcKT_V4IPICH3K2x3w8oomnyd5a6h4nEJB7017Zsar-OdKyqJNru2qOqxqgBh6hosjlGf60j-ty1da5zgQSwLQyWrHLpQ4gaFjtRwrqQOdRoACAmpzEVLAhimqVHf9Dx_cTSt80K2LL262zC0b3xLcXCcd5Fkq7jaRK4NC0xgVxR6ulF1hcQM8EBRiD9RufarOJfkjy2AyfSZi3EFC1zdH2-W1Vf7ME_wMeyDPDXp766DBXUJMv_QuOrhnN71FyW2OcBR2pLhTWxOqvN56ejhw4V7DeLRiTx_Rq8ub6ViQ865-s_BwQzMpBXky9YotymCCXhzygx9AXbq8jK_YE7ahtzqeTnCM3XJP0YRDp1lzEmJvz8mgjl4lS-GVWec9gVTiKFjKj5v0IX_obze2ynn_SJHcXaDdtebkKVPsgaH46tMnLQpmCGlmuY8ecWg9mmVKQsJZGiFQ79B83pBY836IOwlYZzh9tbT4OSArU9GuCTZImJqdmnzRBsdp9VjEy5MMl6JyE6y-3N-i8dFMWDGfc6cM-2N26V1F4xPlerSNFJC40kCZbk4OEv1-E9hzhZavtQQ-PFmD7fKadQNlM47vlnbU3fGKxBoJbdl8eJgjTUX9h3eL9Dp4jsB9MZwCHU_N-3cgss6u844UeD36LhbdlY8fz7NEfOrn1G1vEIAgbMb9ROXOOnrRJlqO__l0ukzUTaYEhekKGPE3E3gHImGBAynQ0LPYoBeP4MgdwBigWuK-wMdeD9XpMVQUubsw8OolVDHolf69ftlHQObyMadugn2oi4FRkEGo4J7esnhFeDS4hjlkGI11jl0sZ6UK-4a1IyQFWR1mx3PDIH1yuORrMdw-30w-aBlWtJT4udDPZBxfBPZsY91sxL2fSbzy7Q77djslnAtn88RsxIfF65RO2f8W49zZYY0CV3TiC2-6WImNIifjhJP6z4erFlV9u1dPgfwL8AMnvUwprd-2WhtQeVatYqM9kScgFb5wn4VuQZEBS-fhSsDMqR0ZI_vGfhkZMIVGVA-b2S2Yfh5aSz4nLMJAXV7TQwFRHUODRp8TwmsJHYGXNhQ6n-U6Xx9suZLypmpdlPRVRzSggDE8C8J6ILZ0Ska2hf7Qx2TWqv7sxqsxrwumNCZZcB1uyQy8RvvN06VxX44epmNFZ11s6KTCGdWQuzJEgG9xHcKtJMrTcDJ5xL3RukqHwDPuXrJ17GjXmZyCsHkUm739hxif-I3nJD22u118U7-UB9hmTxJsId1sT4KS5lLY_SkRtuBiJ8KZnHIe9yZ7GdMDP5Y1kqdyYnSzZFf03BFUKIfCYxSs7g0sdnrYUGMTAIAQ3MIGELEpVPbXY0apgVt-eauQiEVR67N4VWSrbtxwYPBS7xet-6Evq_-kOhxlEObU-fmsF2fWvik3WudjNdVtWimz3OHvR5NUO2O1X9ujpGfAU7VHz4EStfvyLZ3LsA1ugTJG4qXZXoMr9wSFrGEZQg6fhgbzqk1wHAzTiAF6nIfTODMkY3X99R8BADa2grRZUly-6vHiBZohPEzjvhysM-5wC4SbvP9pfipIAytFll8PCUBdwBuJs0DWmPwALiYB0QDvzSl-R3ox2DnpqCLmKDNIzpAd2eGVxPARURTxGBkKlqHJH5skqG8Sji6u1VMIeEFA9UOJe_Sngge4D53vXoKa_tQlhbvhirWjsQNk1U1GUVzqcCyfth-3gyK0hnXewmhEeR-UIT1sRpo4dYG17wxYeAO8KV5amYGsTFi42f-Sl28Hnq87Kn4QZTp2QPJ4tzEhHJ6vdwrncbCgr2Dz0nKC_JRyRdqskBnAWq48jPgle0x7osOPPU9qM5q3mqfa32SC9RAW7SJ89d6okHztxmy9x3lAz0zFgPVyjzmTPCDA7wp5dwNjsED802VPVrZyej_LciqOr3QrlmQrrPCpMN42D1arT91iLfNSD_3tDY8kUx3yKNbxhR8OhO998h7UFJpPDes_E-4m44g_6V0CFtIm1xendjYgLP-tQbFB9Cht87JSZEi9Jhc7bCxKVskXDqvikSSyFki6PW1oQfL9qqNJJL-MgJHZiuZ8g6i9PvoVsZTx4RpK43wTSpLMpSTMsKJxuO2eDKlWtb2EFVRFaamlp61mucFZCgA85YCBN8kHl8c65a5joonm7MIqoB9ggs-0QZ0TqdkEwI1SUvB4Zv5KHidKzb5QlrZwg0OIE2lEI6fgMV97kXPcIEvYMTDCKABUrjHjQ3qlTPn9zUPX3UtpuDmdFDeQX2f8DijhsYgU-S2f7eLoZKDwDfB7PM2J2bMNrAZCMSfeoKoD1ZRUxk-P5MibBmBgrUWZup6xnp5Mdo6HoiZUDYl9t9C0CQ9cw70Onxy8Ec14kGaA-zw7UfcF01xkmiJE47ltRjho8xbPxDgU2AHa-n7SlHwk-QpbJ52dzdi8TLaKimbdViLjnxXyBrY6tf4iOPo-cDlXmXNVbyyUXhyzQQqbKPV20aUJAR7NNNVpwRI8wwQLOv2usosBJN4g6klOUwbtKQmkCIaGQgAEhXkaAsxYCZac5SfFYQrjUQBam984aZgAQ

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

cafe /

Resource Hash

b2d1507cd33aa410f445e8007cf82acdb25fcf3d27ea3396e0220ebb28a2a929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 31C9 27 KB
9 KB 34ms
14ms Script
text/javascript 13.32.121.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-5.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e1557243be66cc2d0fa2e258b06480e653d90d39a1fb821de1df7a68eb481fb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:52:33 GMT
content-encoding: gzip
server: nginx
age: 2818
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: -s-GKec7mWWSRDojTQznNfhA9o88ytHOl5RqThAa2z1sWgADwY7dvw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 31C9 2 KB
1 KB 352ms
51ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:14:43 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 31C9 0
0

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 31C9 15 KB
6 KB 349ms
48ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:59:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3662 363 B
227 B 151ms
150ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiChIa6ATAB&v=APEucNW9srJVVYHVMLvrY6_a0ZflQQxPWKjr7YBHBmXqns4B_qpqrDJ9TybCGxS5lCQBr0aUDqDXTqj58EnuyA6qckUKlyzwB-L3JkKtruatqLLr0kpEEQa-Q_B8aEWE-6fLj8zMZYt3iOXNiN9jCxnbpX2VtayPyi2btnLDfQjdLoH4y_luJjU

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Nov 2021 05:39:31 GMT
server: cafe
cache-control: private
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CFD5 13 KB
9 KB 690ms
690ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D99gT_aWDZxc1AgLmiYobOFJ5xcVw7O3fGmMX7jj_84adEomYOrJvgvYIN8z_NBhpLhAL-iA_jM-UuaUCwfXTNcB-c8t1YA9QPIwxevNL0k25uJkBzneTKf2PWYlRcuqn0SXaWaTj6lWPOkmRbzvh4k4FYFw&dbm_d=AKAmf-CBBhLOmgl9odVhYdae1yHO1Hmgsx9LrvBkLWTxWXVcuTWQ_JxcTdtJMfzj-BR9sy8HnEuuc3txVYeHVmeNW1xebOYlM-rmluPYDOKCwptL5h1TKvkc0wPEJuaA5RuRZ91foiCh-sgZXeLAK0GQGL2pVXuP5YKtlQADoKu74Zfyesjcp1dNARZIPZL5yWxYcJ25sITFR9i_u5Q80BZ077sIYxchLd2IupEkx9LuCeQqpfHtm_45Rb8skYDoTO_q1eavKNBwFr2sNhOOAqOvYrIQSvI5lei4ECwQj-A4JlXGOXjjxVz2POitU_gVxDbXyyotApnbXo3b9maB1Ul8Wk9gXqZQMr94MaZ9_HMG8HUFt38vPQVvJSqNopVTaPEE0Lkg_6uc2pO72OX_UwPk0zP2nxwvt1qTpY-2yBszaRNFcZ52_viEPGvc798AVO6dmIsE7-q1mH6ws6gI0J2w1oqpV05RW2pKQYm8t7X0TaqbFarKSPv7CYcMOR8d-CuM4xaATmJJ5OnYYcxXEe4vxq42Tr1wvNXYNyjQgP1nTz4VA-foLzi5ZvGCES8hbYpXIE5tM4eSbUrnbaoEcZWHue9RaYcjyAy5yeqIRDPt_GK5EXtv2W9npCgIea4HONO6HZyaQhVqe1wBvRBkiECuFaDlb2R-XzBi0inraI07eRBy3mjYnCPVXWAlmA-i0M4-VBHk1jNTMgSms-GKvbxRjZgYBbG0mzx4-UgGNu_2MUyKZimcQ26WZc0qKbl4293JLFkr-MG1xZglpBxwzgZ16-bbDHocOM7K7bycvuIokpqZ-Xmhi_Jq-u1gP_mQE8RGst4p3EKbQsureCkNddNhBKubGnQUZ_akL_sAplyEih05oFSj8GoU882eA2cA1eJj1x3h_I3FjBadSJUHpwaxdgYDo2pgmR5CzRrBSauuQQtonh_APOPJ0FPuZiYD1q0ttBMDtBS82-ZcVQDHMA18VFVuMXf4XIWUbhH7bFcyGomRbjRNWnZyghHqzTtjRsLC8sUhEIyCy__28RZWd-OghZBuY1zm65y9dEXII0k356sBXbgSDFAwWnY0YSy_l9rktQkWn0b0-MGGkzcILgV9LN0GKE1hsUAfoj5BMaEqc4E8vUcyINSB7TT_V_Vv2dcg_kL-_i-2_-dhyzXf_LBFU59lA-sZpgjrgGL87Cca3dA12YpzokIxRs7Qz3XZbvk5ryY384v-AWGA6htlXHxE1wV71AFdUq-8xvYKX19dDgxv19s4V4fmDXV_OZJED75_HzwfXW3y_BhVUFcsLB4nEztDzHJBvTt8toNFzDoS4OXszIaaIMgXS4DkZJqBz6xRBUH7b7CYRueL_O5OqevHa23sz5Qiv9JUKym3YxkLjEKSfwY5MU3lAp5ob74d051-LcxJBK9B13SPpanef4dPApi5ypDItGg0SgWO6MFcuZPS5JnnS0NnJqEB24xZMnDcsX5dsRHytOVKu8BiEmUCYKcHi7xF1lN3lqM8Hv-sFrIIU1jLNqaB6cplh-ttIScLBjGxmCUNRz2hEG0NmQd-mXPcirWaDNkdaOmD5LCxAUBwE6-Patcz7X2x3d5kTxxhjdeCenEMpkItPAl-SINHZtkO-ADUoCL4CVJJMj4PYtZoK8nDvUV6tLfOmx4ooho60g-nrxg_l6tqxiDYrr52kI87EdwgT3m01xoxTpAHKAdw_v-mw2XAVXmhpj4C7EOCwruhkaGGVmO7WMVzBsDo5ctCoYSUwbDhL5_Z7w-BDCm0GQkVNi6sAzO3WlzGsojmRF07hVAGFcqxgtUHYC6BRXoOk0izz_Dzhn9W9fgpGzOw5A6biCc4utLe_l2UTYr3-tGyWMdMwxaaCKx8xSCwIgDU3serNwKGuM_BCu3sxk3Ys-31xrkn268_-NIhL2_Tk4BcpLs-cJGaaio8gr01B2GdidCJIt16OV0ZVl71U0QpwC8FqVV1J8B6Ey3rQOEX6nx_ku0zYMxnMZ6-SsvbauXwlBqhCIuoDNtZoTfc_cf-BVQEXD0iGWR5IPq3zxAjpaGQqcXyDNVlwZln3rLmlktL1uaDQ2iscyrz8Esc5w5s6-9r8JrAofbtuLkYI0liy_QoSIo2kIN5yYTSHazm5YPcFyAq4-kmKRvbq7XVtKwIyTNugQ-0sBR5PUDpaN9EZBEVb917E076ssfRmIWKPjMISTW1HWGpCT4js7VL6EDnptqSzcfLEKK9TBc2nxbrkifI_VEcPWqa-hK_lS-9aGUV9frvzzJYPKZuPWPeAEAZ87qpTeABMigMQR7FSj5nn-c7ih3I-WJpMvEsh401QqUx5F0B7qJKbe5DzB3_SaaruLcmUCqH8uq-V8TKpx7hoT-hDMvnhRS4Rh8TapAj7_3Jd4hinTel0RD-utjoY3SdumxCxOPR-ltEO0ue9SCIIkfPyGfhHUrP4L8oOg91mBroKhRur7w2v8arVTZDStj59YW5PgEfH9UDyHuQ1WEueUz7fN5zeBQgd6FlczLManMVgd6lvZU7ZC38CDGGxRmpGSsxo2g&cid=CAASFeRo4yT-mKC7I4RhqQS_bSyKIt3pbQ&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ccfc3122ccd7a143fb57345055490f0945fe5e70c958739d01476cdc2966910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CFD5 42 B
63 B 390ms
389ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-Z90fIdgO-uSJ9tjtBqPIlGUsUs1Enq-QVSxnPWEWIfw7_bEL1t5qAZ935Gu9c-ZPKJVcOshWhX_ui6-m7TPaP1ixN28eCD7vgwMc9Z_mLZQqo1k

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame CFD5 41 KB
17 KB 117ms
72ms Script
text/javascript 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVMwhUlUXaEJrCWyM7RP_l7pidB4KYJ3pVf--yqB3huyiNz4Y4&d=CnkAoCZ_4MvYtcPOeE45vFwl-iM_Rh8RcmpZ3NUSmKcyLR5X6MRAJJJOEI5yjKzXWtwDwhD38P-F8-yHcGFMAdL9NngLibSan1gnjkerVrreIiTYFd3pR5rlubkG0jixca4Tp7_Zp6lUoqiVJ9woqLG6cBCqmLa6kiNbEskRAKAmf-DFVWcXWUIfCDR4a0iqRx5b1gSfF-ti4G7N71PlxIO-6UzZ57XclS5NV_RnONLGYSQr2XXRx8o2nnHkIKzHZDdAbiO3ReaCTLi8MY9flGpXhz06YeLMb9HT4rcN_7SiTqOrc1jc34T8s72xiS7g-RUtl3sKkcm03bpBNfCXcLoDkFibxQvVADxQ9iLfLU6Y_jssNgawQoOKp_Wjdi6MvYd1QuzGBT92FRoUbl1DQ72VfzAFzxQQ3dYaNKALsj0ddLSE7jl8QdUbtSXhumPz4P4MsmdodAocHGU9qeGirapNFopyQEaOgXdxTHPRW_MdlJ6dTwnzZJaORUX9vqXS-2Q9RB05_TxYM64rub64WE2Xpl5LWEp_7rpzNZVEDpyIWZoVZmtPssZJWpOlQOtDOI6KctJfgY73Af5Owd7xVkYTDcmvHuCBIlKiYSYr2CoH_bAVYTqkVu2QXziAvszMs75tQUMA5Ny6l_07b7_kGv05KoM9sU5XkFQle6gxqAbz8mS5tWRWV3Tk6kWd0uXcxg-tD8jJ_zW30Y5sF0XmRAWW9dltEskXjAMQkk6gdIKKIgNCsHaUWtIOxv0f7RRm3ABc-dan1f7crHVt-sLQj9CivY0U8ae3BD9fO07EEZ7NXePie1GeWEbEGvSwZSKnoAWYUAxGutpu9MHx0jqweiPgQ8hGS-392KByQ60fcjGntnTpgnBEQjsh_lkEi2BniGVPGOz4_321DE8C_rxmPp_MO5f5r4-MydsktD3V3lk4yfu5f7F4ptBcM3vhCgC68uIxgPnKIKfrfgZgLf8uhFxynfPBodVwO5qzjfrm46mgh-A1Apx8xr5jIxI98MZor_3Q64yGt8PLLQSU2jjg8JLDE_BZI2RIaNYlAXzF9TYysqeIbFIIYtrtXt0fxzHAbVcfJMTzjKuRlc8Zt9DSagyUnhEYy4Uv8Q0rhod5fe4d38rieBS67vZjeevryW6tKXuM11BIyokQn20oQcXSvgr_XfnGVfr0dglsp_Zcr5231-nYOWZj0u5a9kMUHEizkY0yrYMgpAkLF7rtgqa0pYEEgH2oNd7quXM1GgjV2jSHgOGGgL8BdQlFiyqslm3mLltGStv-zMNEscvlFAS_w2AYth1PnOzE2bvE9qW7bLoGFxFMk6QIUhgNfdJz61OlWM92HVVcf_yTmQKNFyUJHa1fQ5cWkvDwa-T5r69yrymwoujSDUXyC2OSBr-KjMwFq8Xddnd3CeW6zLYhU9Nu7Be0ciJl5bk9DaXkn-cSefZu7fnC1pp6xGzjsnDbOetxRAwF0KFTVjNn1NBa3dASBFCq22zXNdSBNgZodDABn_1q48biTcDewjQuvK-yEJ3hRUbN0U70tdc-evFRNyeHuYAEX1DseyhmpUbgjs94aOBpipZ8YzkDPtegXOg8_BVz7L1GlS1HGVJ5BGuLwfE_M-9xtDNwx9KbSUE1uY1w_wgDqNhrj3eI29ucPwqZa7N3olH8UmzeZqKw3SyBMeDrgtmVaIp93cmjkYZMSj-8LKierf9R5MWGH-BQ6kb2CMOnFOU8LjDxDvyBqaqn9NUv3IWbpnTiRrhsgUjQNOPFWpG6BN8t4oDu4vDtIbRf3xBsxfAl8HP0FTVgn88GU0YL6mMyHaCzVqyGTznrQYzxwUff4-uxx6HtvmX9Y4vevUw7psBKbUMqy0hRwGclAsRTAxkxmhAAAsBw5jZk7V_pqUKOO3F8bNbS4u_gTyZ8wCFSmbKDPEr1K5vax6u30nlXFPYP0tkHrk7Yr7uAJ_1isSop9kgE543vjiblvh2GyWOquNSYjwh3ZfI1HHtZyKGpZHdDuPc1MAx95cf3I4nzmisDXhw5YmWGiPMSkq-Y5DHhwLBjk2B2Ghah3TrprrA86nO4CAVc5UBM_-_8dG_iQD_A3TQyzOPLBa6c9T_GqbJtpr6pMUs4LxR7aKpWFRKNII4sIRMsvn5oQo0dh79S1i4clMq-b5xAm7MzmqDJWOxLgzb-2xnPD1tY1m37Ad8usVe-hjyZLvBVKoQ67-5XcsgDNqUxu9sKi-GeftLu1Cefz1dqht8nQUxfA85DlwwDJVb2UERXp3D_WqCm0xYUGxbNKrpVdEa_2DzSLLoCUelbOYk5By5qiw4ZIKuJe5xf8I-uB6ykXGoCKjitVoRpOxsq7LGHROd3ti6Y7gRSKfASCfmK0yeZrDNzZLSFNNcjnaaUfB_u0CtcsYJixtFr3C-ZWJhcZ0z-aZ-XACbyk6IQvrg5cyWe6qnShUgKPjzRlWvEUkRFhu81dfHU4AVxNIx-FCBTHG4ZSw8jFNNc6lj_RLGcnHQADcEn118-cdlOp2vBtZdc0gp5CKkRDu1K_7k9j-7N0cba5DUhLgS_gFPVGBlqGjdG3vlAS2SGtyr82P6zNCPUlPXfNmQANFGK2aasddywS0K-PKISeVi0qbJby8PQte2msdcnTe0xTPNolMdNbxF-4SYOzwVDJ724MAnrMwk827iumJDgHvtUTBsJ5WdEIbi68lwaZ_I-XraM5YEz_4oI5meJbL6mWKNo2vUJp_JzeyiOabFOmDwwe00_phvFDuwqHwGnEn9Ozux_7v1WS7ZGq5vT7IzNeQhTz0P3scSTSy_0a48I-TfDqPrwdEzn7xhI0x-LTgkFTgIu5U-cuLZytQlGapzS4tnv2mOjFVfVdASFotm51wSOsFzR1D_qxRc7Q6RQ5qRKD7x-rWNi-OJrP0iL6TDpgzd69B__aLbBhwoiMx9q83oG6pXCkK0t925-BAd3L6xh3p7pBXhyVflaEDt6DD4fO7SyBlCyP4gNF3FTgE0rCPjTxNRnDf2GM8ySdDcYUm5NfPLoUe6jFvGa0tP0UH-KofhFLSnv8qrKXhpF7Dc_rWD1bUzX7x8HSPVXvWPlyWxNaJkpoxQBgasfkXKMjOPHquEbQGW3izksBI3dq3NDnHtmz1HUlMVM439eS7cVHik_ze_rk6Gdkvk0nQwaGQgAEhXkaOMk_piguyOEYakEv20siiLd6W1gAQ

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

cafe /

Resource Hash

9b8845403aa39200e610ceea0ca0850189e5c1aecae9026665bde73b4de46799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame CFD5 27 KB
9 KB 32ms
14ms Script
text/javascript 13.32.121.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-5.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e1557243be66cc2d0fa2e258b06480e653d90d39a1fb821de1df7a68eb481fb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:52:33 GMT
content-encoding: gzip
server: nginx
age: 2818
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: QQbWfr3tzm7agipmYkWJGEUOpdKNJn6OrhDdxMDTo1aA_VBf-ciwkQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame CFD5 2 KB
1 KB 355ms
54ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:14:43 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CFD5 0
0

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame CFD5 15 KB
6 KB 351ms
51ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:59:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CFD5 0
0 347ms
46ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDt1Jheg9_89gcEce29h4EyU4oStLUgKEjTK1ekWo9EHjS_MAhjvLLngmUsSJLkvMt9agoCY4nzpteutgeUTXB-S6QuA
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0745 0
20 B 382ms
382ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20211109&sample=0.01

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 680A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1

43 B
549 B

16ms
15ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahijj4a6ATAB&v=APEucNVzIHanEB6O_ZXLCirMRwmhpO_kl6fshX4W0yqJE5EfHMQU_3XfjUcR0cbwdVFEt5-lWltdmaisGeWbH-ddfAgVMtthPOugo0MwAzYAlFZ_rS3qTM_DkoyC7BzU8zVZPX1FvEvCe9vPLa2XsCERjV3enBLzxW500vBMaSluWFEkp2UqwsQ
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 05:39:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 140
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 680A
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0YTcwMWYtNDM3YS0xMWVjLTk1ZTUtMWVmNWUxZTUwMjA2

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0YTcwMWYtNDM3YS0xMWVjLTk1ZTUtMWVmNWUxZTUwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahijj4a6ATAB&v=APEucNVzIHanEB6O_ZXLCirMRwmhpO_kl6fshX4W0yqJE5EfHMQU_3XfjUcR0cbwdVFEt5-lWltdmaisGeWbH-ddfAgVMtthPOugo0MwAzYAlFZ_rS3qTM_DkoyC7BzU8zVZPX1FvEvCe9vPLa2XsCERjV3enBLzxW500vBMaSluWFEkp2UqwsQ

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 12 Nov 2021 05:39:32 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0YTcwMWYtNDM3YS0xMWVjLTk1ZTUtMWVmNWUxZTUwMjA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 39
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 680A 0
446 B 77ms
23ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame D454
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1

43 B
548 B

15ms
15ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhitgYa6ATAB&v=APEucNU3SMtXmpd8Wu2ptFbskhjgNzwmuGWHu3iUaYA-G6xfIl4_wqElXHNyTHFwZa--1e3ePUbynGEF7f6JpwuBFZxaHZtvrPmzwhabRCvqnvzCeuecslJ_PJ0Z3j590KTaShbJWP2y0u0NE1ZaPA13yoWMpuwQWEN89jh4oa0G1iAuecexVJc
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 05:39:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 29
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D454
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0YTcwMWYtNDM3YS0xMWVjLTk1ZTUtMWVmNWUxZTUwMjA2

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0YTcwMWYtNDM3YS0xMWVjLTk1ZTUtMWVmNWUxZTUwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhitgYa6ATAB&v=APEucNU3SMtXmpd8Wu2ptFbskhjgNzwmuGWHu3iUaYA-G6xfIl4_wqElXHNyTHFwZa--1e3ePUbynGEF7f6JpwuBFZxaHZtvrPmzwhabRCvqnvzCeuecslJ_PJ0Z3j590KTaShbJWP2y0u0NE1ZaPA13yoWMpuwQWEN89jh4oa0G1iAuecexVJc

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 12 Nov 2021 05:39:32 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0YTcwMWYtNDM3YS0xMWVjLTk1ZTUtMWVmNWUxZTUwMjA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 63
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame D454 0
269 B 77ms
23ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C4C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKHBNyQAhVH-O_xEy8RPNSc&google_cver=1

43 B
172 B

20ms
20ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKHBNyQAhVH-O_xEy8RPNSc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiV9oW6ATAB&v=APEucNUUYxve5lf9Cq54LViHlOYjTgibyQN3h97V-laVbKyrz2UOoRGoc-X41-209dud0XT6gJWU27MHc5TWLUBmCnsu9pa7vX-UvRn6PKaXiBme2xXENmPgKqT8z1G9Lg2Iv5q_fpX0mHLqOnzv6vLdoPR0NeceGU3F_We6ItJIhoRb2obt0sw
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKHBNyQAhVH-O_xEy8RPNSc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4C8
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjZkZWI1ZjUtZjFmYS0yOWEzLWM2MDAtZGZhOGE3ZmY4YmIx

170 B
188 B

47ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjZkZWI1ZjUtZjFmYS0yOWEzLWM2MDAtZGZhOGE3ZmY4YmIx

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiV9oW6ATAB&v=APEucNUUYxve5lf9Cq54LViHlOYjTgibyQN3h97V-laVbKyrz2UOoRGoc-X41-209dud0XT6gJWU27MHc5TWLUBmCnsu9pa7vX-UvRn6PKaXiBme2xXENmPgKqT8z1G9Lg2Iv5q_fpX0mHLqOnzv6vLdoPR0NeceGU3F_We6ItJIhoRb2obt0sw

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 12 Nov 2021 05:39:32 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjZkZWI1ZjUtZjFmYS0yOWEzLWM2MDAtZGZhOGE3ZmY4YmIx
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame C4C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEK-tueSu-o2fJZ2b2QkX4CM&google_cver=1

23 B
172 B

31ms
31ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEK-tueSu-o2fJZ2b2QkX4CM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiV9oW6ATAB&v=APEucNUUYxve5lf9Cq54LViHlOYjTgibyQN3h97V-laVbKyrz2UOoRGoc-X41-209dud0XT6gJWU27MHc5TWLUBmCnsu9pa7vX-UvRn6PKaXiBme2xXENmPgKqT8z1G9Lg2Iv5q_fpX0mHLqOnzv6vLdoPR0NeceGU3F_We6ItJIhoRb2obt0sw
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 12 Nov 2021 05:39:32 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEK-tueSu-o2fJZ2b2QkX4CM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame C4C8 23 B
172 B 82ms
35ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiV9oW6ATAB&v=APEucNUUYxve5lf9Cq54LViHlOYjTgibyQN3h97V-laVbKyrz2UOoRGoc-X41-209dud0XT6gJWU27MHc5TWLUBmCnsu9pa7vX-UvRn6PKaXiBme2xXENmPgKqT8z1G9Lg2Iv5q_fpX0mHLqOnzv6vLdoPR0NeceGU3F_We6ItJIhoRb2obt0sw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 12 Nov 2021 05:39:32 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame E906
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1

43 B
549 B

17ms
17ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahijj4a6ATAB&v=APEucNWq-G-RkOI3p9oCFdAO-qBMfJ8NwV6ncmEGhrlJT4iRs8bU0N_ESHWIXiPyofRd6vNRkqyYQCM5EJtO3ipGVFMGJSwGBsojs8kAKz09XnhVweGSlVhkXqUKaBjneuyEzno2sn5pNaBRpqofyCr94XrgKilHoGZRB0a_PIC2tsTT-NInPks
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 05:39:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 130
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMYTvKFVfWhJsv3FvedinGs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E906
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0Y2E5NjktNDM3YS0xMWVjLWFhZDEtMWEyN2VhNDAwMTA2

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0Y2E5NjktNDM3YS0xMWVjLWFhZDEtMWEyN2VhNDAwMTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahijj4a6ATAB&v=APEucNWq-G-RkOI3p9oCFdAO-qBMfJ8NwV6ncmEGhrlJT4iRs8bU0N_ESHWIXiPyofRd6vNRkqyYQCM5EJtO3ipGVFMGJSwGBsojs8kAKz09XnhVweGSlVhkXqUKaBjneuyEzno2sn5pNaBRpqofyCr94XrgKilHoGZRB0a_PIC2tsTT-NInPks

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 12 Nov 2021 05:39:32 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTk0Y2E5NjktNDM3YS0xMWVjLWFhZDEtMWEyN2VhNDAwMTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 108
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame E906 0
269 B 48ms
23ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55946/ Frame 3662
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESED08ICD98A76TnXicZK6Uds&_origin=1&google_cver=1
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED08ICD98A76TnXicZK6Uds&_origin=1&google_cver=1&apid=UPe968e73c-437a-11ec-8003-068b74045f7e

0
344 B

13ms
13ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED08ICD98A76TnXicZK6Uds&_origin=1&google_cver=1&apid=UPe968e73c-437a-11ec-8003-068b74045f7e

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiChIa6ATAB&v=APEucNW9srJVVYHVMLvrY6_a0ZflQQxPWKjr7YBHBmXqns4B_qpqrDJ9TybCGxS5lCQBr0aUDqDXTqj58EnuyA6qckUKlyzwB-L3JkKtruatqLLr0kpEEQa-Q_B8aEWE-6fLj8zMZYt3iOXNiN9jCxnbpX2VtayPyi2btnLDfQjdLoH4y_luJjU

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:32 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED08ICD98A76TnXicZK6Uds&_origin=1&google_cver=1&apid=UPe968e73c-437a-11ec-8003-068b74045f7e
date: Fri, 12 Nov 2021 05:39:32 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3662
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPe968e73c-437a-11ec-8003-068b74045f7e
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBlOTY4ZTczYy00MzdhLTExZWMtODAwMy0wNjhiNzQwNDVmN2U%3D

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBlOTY4ZTczYy00MzdhLTExZWMtODAwMy0wNjhiNzQwNDVmN2U%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBlOTY4ZTczYy00MzdhLTExZWMtODAwMy0wNjhiNzQwNDVmN2U%3D
date: Fri, 12 Nov 2021 05:39:32 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3662
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS04OUczdi5GRTJ1RVc3aXg0a1phd2dySUJEamlfRUx3aH5B

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS04OUczdi5GRTJ1RVc3aXg0a1phd2dySUJEamlfRUx3aH5B

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS04OUczdi5GRTJ1RVc3aXg0a1phd2dySUJEamlfRUx3aH5B
date: Fri, 12 Nov 2021 05:39:32 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F9F 41 KB
15 KB 458ms
289ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APe5SmTPTGU3-Y3k05KP1QG_48QHbe2t1KyTm20Ru5i_Wof0JguJ_Wm4QVeHWWWQA3vZsnFFr8sMNHw4doR7eab0rTqV89yVx-6Xe5JcYr5e0m5Tzk5SQ27-dmrDt7H_eRtcSSPy9gWwyQhbfqNIo1eeJ-kA&dbm_d=AKAmf-CapCsUBosOoo-y7fze7Fs5PIczrT6sc1USAB2huxV3REv41Q6YDbd9NNa3dL6XZ2-jh4mPCp6xtt5Sx5rxP5edFLIvihBNPUQAhyDzbO-oXF4SJGSN5hGBjI_oEy2eYVZUgAZjO9feGIxBSA9NWXazVQA1kAmOypXjMLihoMkdbIF39HjlXip082KbRBt2RTtll_5a6Zz4wqrsKVl_dbQrmfS1s2czj1jdD6adHxy59SjRuozMZuqkZy0xbDjvzymeYooPbFMFb-9Jwc7Kufr_vSddSMR0SxDtApAd2shMcYtculPGseiDy4h9__o_5y3yMhIPT4EPYgVRQU50QggdxueccYo2RDxElOCAUEXK8IoSthnxmMl8Ssku5v16Vzkn0slTYqrbZPRYugOXLPzLz-uyfn1ZaxKCyvZCZ3HhlNGHzMBAWdhyAEfxOTkTF6-L32dyfY6YSVApCEDAhdI2eocguCyif9NNrRSzhf8H8weRmYF_eEQeBfhBcjmgWvWJRX3DqW9e52wVuFAOJ20e03vEG2WDvZPci9D-qF3seMZwrCIovODacOc5JwsKe_GRuwITEHO2BeyxqnjKLV0asNlEMqxO2wPxb8xI4bbvY2w6G1-McNqPp7U3ou2XZjN7MLSYucgk3juXTsTKYritv4XAclWj3ONRYz2-JXlYqyhBZJYgCcr8IMbKs5jaNr7gBP3T8DTGx_8YotK9z9N6ZLnKIu-Owxl8NVA830t_OSTJ3O73lUp_ZXvevkhvfDpsAkl2kzBuJnCPI27sdFfMEWbFi4cd6AHhm7auczj8LwQwkkAfKbA3G489I3w7RWNz16tkxeAaBu4LWfuoAYev6C6g5d4RAwlvTfDDd6m_Q_QdJPmlOivnCk94Twu1fFASyp-jGyYKSTgrQGYLQH6uLuNEU8fDfNcl6_h6m1CedzS1Miec4xJsmhi1c1waJeK_ZjAgS4stg1m1xgV3-EX_ZqFI4HvGFgtjb979bCtmrin_T2Tw98e3DBE6AEbwoPnMBdm8sf8o8t6rczRhd8gMEFPKqY30xWo4AX3mow2nY0EzzYcylbX0KCFrAAQHvPdHT5rarJ-936zsn-gy2nidz7SdE9EQOjj-YkaF_Xn0oRUQH5qWW7_eiR2e5xIUoJzSpSfwtk06oQBK9q7o8HewlPTLWl4lLhVZnKFz5EKQtuCIHn9QGn480Y9_0C_nJmaPeeQx9sOM1pZiMpAQV4EI2Q2h2afNXYAU_KnFxyjnYa_aVXJrG-nqnrD1fJifVY7R5KB1QPGNEeQDO2DE6Jca5zUpBTi6WstY2g6LRSrHqEhjjNcju629ufP2aCzVRLvhcIoLoJJ56WA7nYGzDJi3xH7KgTkBaufKl9C8RrFj2LmMxVhz7pYF2Xf6Zmh022y6Xkk_uApV-MItqVHno_f4exTh2Ykum8-mLiRRP5Fw3dLtrWhny643o-fXms5zD6efshtoRYBj5EWUaaBMjBOQw6ILQkWc9qw8jZq71nLlyiP1fzixxp9BKPlKHaPn4Yjxrsn2adbTqBPMfC4va_F0bwvz7w1-4FaFABi8VGhYj-jzb3fR6cz2RRtTvpUgv5YbMv6Ci3qQRKs7qKBczKZn435Rzvo2C66dpEr6wlXgf1RRgu7hKQWT8Va2oR0ftuil-_WhPkGCBXmUV7iC7Pnc8yt7isoHj9z_KIbAdy-dJQs0N3IcY0c5blH6GSsbhlVxnhfg_q-o-a3zPxxxH61Ad2fc17JJieL5y5ZXLJizI7IPr3BBpH8IuEByPDC4IlrdwH9JNvk3ho2W4puyaymPSD1rTylpvyv8doNBCX9YHfBv9yjUdm_DdYgGH-VMDJPQqNiP8yISijX2sC-k90ZMB1yKcfVd_R4ip_8yujjjuKQpoyU-J3qBHee09-GCKQ9z2fDAlb0r0LILPUrtmHQHEpBRPyz-KJwn89-_h1UckUP87iQDxXjJh_OWj7J2-44P9NYwh7PaYqDHfVWwb8H-pJ8Upzj26VTPkSL1zkrGYys2XL80tbfF0BpsCiTBeEMPfXQ6I3MhnyoGD0fXMO1rLZfeZLblalWXOY9pYNxorYXO8s9rfLiwv4jfy81ayvgyd5tHmP0m3BV7X8UejlwoY3x_hqPAtEz_dQ_SVgP8AXFD0Ihi9ujgUhNpUBdpCi2xch2ICVrCF0yFqEt5EnQ26LfPy87klBFF4cKMCIreSbVTv4blvb445JrMZtCH6oYb8TDIhU2bvGnk1w1NZPyR5MpK7Uztu_TFr8uGe04-aWpRV8N6mmwZ7CD6m-mumeEKsrV8kZ5NJWBSuP75o-1T8MVWoVcGaPnb7HDEeWRqMiQI3Qilezt0phmZzZqAOmSqHE7JkD_M3rWMDKq1FBhr568CEc7LJkCqYOR54Seu5iOcWKwdls9YSQ6ZHOXPy8uFCLdiAiHPb05Pgtn3eW17k4hAhmaeOdSTSiujQsGVTiuC3ltfG0n7aeTcOY3Br2MFBwUNL_fFNyjckT0xio3KF1Ttp70L7JfD-fnQknPV5P6wRhDvVM7oFzaoIBSyc22ew8gb&cid=CAASFeRoCkM5Pmrmg1pGJ3CisCe08yqEGQ&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 11 Nov 2022 17:49:41 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 658A 41 KB
15 KB 254ms
86ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dseq4rVbhl_uX_ZScpR3Mk1A2mBF9wRJ3sqprKpvC4Sln6YJk_8oj4ai8bcCe4Cm5ZVnlOVHZkU8sGCjlNUx_ZSH7vbQ1jceeAFNgMYtYtWyHVYPmaecmty7fJGqAqIMLJwP3QdxkStApYyt5sw9Pq3UodLA&dbm_d=AKAmf-DR1FjODv5sb2E9_ODBZ2Xo5D2CgAR_-WAuvl95xyNX_u5WhRvTokrHswwSfMx7HnPBAL94_RzrpBvb3vres9N-bz8brdQSnQ11iffaJ6-12CE0OuIseBlaPc40PSFUly4nNFK9fbzEGr_hsSO82dTj0wKVdhyxc8pQ550mBFfJbO4C-YWu-O_ebXYcayR_1hHDaE0SzwjCizziUMqMJ8BWe6bKxZ_fSDQHvRgvekAy14bnDMkWVwZ2DENfSR1XOeoDHhMOBVvY0ufIbJtkJkX-z4ZGnsJHzGgAfYse935-VgosA-0_j5H8sy-AfaLXA60FOIYRcAQE17zsjLxEKbtP9SfuY_eq_7FeZ6-FiTPDtSnrgT3wZkonJ4TxfsBoPMbPXrZx4VkUG9QF9Vos75r8qmNSTyUp-EHug0V1zWpmnQGa6cm0VlJhqunwdgG7AZe4Zvw_zcg_vgOg0Jo15v_mjl5rjhdr0vO9zFybq_MiKjMt4PMtMPWumOybTUKJvUPhbYuKHbjerSQM43oQjQWPT12TMK3UStszGbZp_bWtISoAit-pjMLkz0JYAPuHPEs4BJ5ljrl_dJmI0qWDbDNCgWgykzd0Y4V8kj1uF0540gDt9cNI21hGNZEtsTW3TW9ZEO3Gp0BALYuQq6i59Et7h9Jqfb5-_jIhNfp5udfxtSy2-XMfR4w5LmEMhMTuWN9BdJ-tv-qjkyIs4m-YI_XBq6QHnocfpyR_uWJaXJnZ8GCjBvRGGzHYI_nY_uGV9HzskE3xiHx_bKbdTS1BJXt1gFs2MI03a868q23VbEhfAPYkwehSwfjNBtgDDdxldyKQQLlYm-ZjP7msXx6HNGpCZFjUdkm1Evews5jh-fpQjU1Ooxh8Zll6HVNHNRjw7EEKfqkVcj1qYHXx6lP0KiJES_5PVmszYozCnyZcpFPCqQXUo9S-FBA7oYnP1W1Ni8zJOVf7A8KMt-dR3NdiimTtKOziBNuFKv1dtyoslhy-8dnCyDo_ZDsLncQ-EDUh47OzqNvu9ehaBGvzKKyOInNITLYocmbYuilq0jxSNsBQ3Hu1VaCx0T6Bq2De-F-A7lxBvu1hv8kUamueCh6FzrMBOzEehojD1oL-XKY0iEi1194KnKn-nkBZ39jiCImObDoSTEkDiJEHQk1-PLodP3AIf-HGLIbBQwOgS6AQtFwMdm5wYIXNTa4BPKA0FY-oWFm4ZGeQ6fYPfn92yguCYkwirPZGQvEO2RwUib7ouw8d6xKZpwFIczA9X4UWB6lV2kG7Mi9i-oRTmoGTHcVS8oLTe2DFaEf9Q2qrvBCtt_XscQWSu0rlcrKCccBepbwyc6-am6AEuIcpdXgN62D9AjGB2mCXRZm7e4nuizZg8cXGFwqmIZhU4J-FiUqBCfqoqftI2pWfl4X-6TOxx8PHC5ipLStwRkebKTWg7VXj10AGDbNfzhW9QBXXnomF7nBkX9toWkdZStHovEpCY4OjN55FmPoR7ev5gdc71m3Lr_NwczHLvDjiw-9MRHAIkU5LkwM2sWs8JHxZ34AgahUFetfpJHhzIS-XF0n_BEiF31DrOlHvZ3GMh5I1jY3bDzScIHxNzCoKFThm-QhgVqyjF1wRs8l__aWOOzlwzzObw4frspDkehZ6x4uou0Qlwm0MTFE74iJwXA_1hg69XmsuGt4xmZPS_K1CZWjJpAZJ-9VG3IMVWQrxuMSzLGqCZJHHGEgtPWm_B36dmykw1DP8Lt6MB-9MZ7efEt7Odngfk_lafnLx9t15PpDxCpjRnQ9YrRkDnir4RmyHj1qAsx6CFsNp735R16SDk_VfOs2M7Y1qFdzlu0lvlVe8xCtFVv35cH5uetUWoKV7mrs14zhA0vMwyKDZD6P3p0Ki4nvDdqiugncj0boulUepjzLGCyh9YNJYa7qu8W0f6SkxLrm0sE3dh6zHW1cYRlS3e5pOrkjqlXdVPXO3KAGRAUzORjqTjDrKa6Fep2AnWsUqXvXHy21U3kOtwpbCAU3yuUoPC3iLM1vDo_8sm5a1WhWvOLpF9mgQcWf5JG4ShoWXn0pQ4TMYU-zkSO9e437mNpK3Nfrhasd8JvCjDmap5xLjZWAAP5ywIuLdKeJL6sQLWhRl0gKTGnE9ayeL1EQymN3SzZNniVw-iJjIIaG7zUbyhVoFEqP-6wKuwFn3FyGPEuzLBVgahwhqzcwvMcsh1dTBT_0zRLGukgmGuNFC7W2vVyMMy_VNcOH6zHtWr8TwKnTMcu8r_Y19i8ri_GO5p_qEQP5dZi4p_1E-8qJtwn8hzetK5fNlOxMUPfR5eJk3yuypaaVnFZbIKaCxkmXCNLtLaLlbHkH9y7RuK4yKI4ER95sWlhe_bTgp8fqE-7mIvAEBXv_dznsVb2rHpGJ3DxwcwOpd_uEm07l0rqoi3B3GbsXib0DihHBDEe_dNwzLAYWNKkWZh8KFB6zZDGb61wW0ehDFRVxVlrvxmEqpmJKwKylfqJ0OMtIgVAVSmxlVXNK02xtdcgfwgoCuaiVfBln5haMzVE92Ev9K8maeiwahP2n13rinyFkR&cid=CAASFeRoDkpc-Ao2wYy7mNJaZ28imIvNRA&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 11 Nov 2022 17:49:41 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 9F9F 24 KB
9 KB 403ms
403ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVdL0fG1z9ZZgrNqgj8GIqDyy1D5yb0J_gi5rs44LgkAOUlsZ8&d=CnkAoCZ_4LEJ6HFYWoroNJa6XmTEqY4TUX6Qlcz52Jw6_ppT-RkFRhPAt5qDY0VEuXSaNIyGhQ6l0aphdKBtXBT34PNwgtIZtj0Tu6w02mwInwr94RBm46flCzTxGKV0W67V76MhXOu-CEsp8CcoxfT5BlOBFvRvNBVgEtkRAKAmf-Ai7vOu8NjN6zI_PzHoBgGHb-65CwvPLdId69R2gTUgAfAKS4aXj0DV362RQ-Z5h44JJJAO3BmOG-GCNGU2ygTWae9pWnIuJqEq7vULpCFr4LG8p8iVexjy5SldqmSG1wqIYpJXir3e1z8T4Bp3aaMHXlNCILjUrqijG60kNlNQxNEWUyiMyPca_Nt1gIulAt9EhKlO2r-W4Akpnbl5sDokxCPsUmE58xuwjR3GSaCoQg8-EX-8irKAOcyZouFnqxpxdOpwhFwmZ1vGZb9FfBDmOsaqVH8LTd_sbCAMAPOTwqvpLTBNrpuszyNFrWCBMTm7Zwwg83yRsMbLjHIEAXYoV3_dg4UZauZHiTCPT2WsesJN3KiVnUrqMxhvBv-gi43RiwiMinqoPS59njonB3bOuXSQBygo6JauSl9TSQDK0OIBwl2ctBMLK9s2SRhhLUDS4RAVD6fAfEDJlGdqlG7cZL_yE7DsZqdEv1817AYVli0BwoL3THXPGXKqWqz3vVstbiyy14LcvhrJFwDgOOZ3oPnMeaC8kuzvfIUdUMUXGo02YZFoDGudCDcRAdlgGxhYXzUlWym8VIDXqBLaxRnNZeRRWfr8nhYMJ7pY87y7EEABJ6-uLjj6Wf7yzFfY69FnTQco17R_e4xNA5TjYVIhoybhxKi4q5oIUEr0NM-9tWdcmuXzGRxbH5ruGyxmu5moZrXRFTU4NhQUp1spXXH4I3ZO-L9R8Cx5IYRakDvNT4zuXrMTXCPteYUB_HQFrfWxTiO3HUTFJTOA_k5VOKlcDp1_-uJjI_191NWIQauzvNHdTnfZcerkiiERqODD1IqU0raHqFP_-J0lNKhLd9Wtad3E_t3ZjMMA9nsJ6aG_IAy-S1ahA-_mleLMT3XzWXdeFU1gwaySyHOye6G4dh4L69QKBu3XpRvR6Dzt7w5i4dPw8JJ_FYGitsVTxilcXHziAt1RnjtQqhoM8zlrniJyIO4-pUBgM_Q8UuHO25GFCfUpIWQOec2HjBFNPU8OO505RCdqTWTHlZRvCb4qYXdxqUpROHlwJpnALTgrYRnoxIaWTnONf2cojM6HLrZ64iFSTaGV8nCCaU8LUNMR7Q1SJiFG7w_HSh1S-yxj-inQ7Sk8OOuZKq-pGyFJV1JNtXhfxU8xBpKUATO8c9SMjEyn0oE1fOifz7ZqaFcRInTy1c3X6vWIaQu1l06PCSwXcXQUEdbnOrtjEXBTwLGtxovvrOZcLYCjYdQwMvGu7pNGB_laq1I6s3IIaOMHMc4h0e9o6qWtC_YFgEV3CUe_E20a0MIz9UGBHkYHaTeqwpFXVuHkFfKsGev-WBZDGchiTLEmEYsnk4D0kb1ET0lnJBPEriklCdx8kYbsO9A02O_7e0ac-nu5ksueNIMQeDCl8f_FwC0GnE74c-aCD8yBEUIdrJoIu_FjthKueOpn58B4ZPX_zehYhCDnJq-6eECmtSq4wtCMztnwdqVKx5GnPzSAlUyQoT6Tz5G8Vf8fSTOvFSOjh1pYg2vlCYPqRV9SO4NxxuIazG9e5P5DfUIN0YeNHjYe8jLA7W3VtBvY76AveIv6lJng5Vts1CDv7etEPO6iFV2s9lDmW8j95tIpT7eXqvyVdbRMcwQrSOnsssswV1Z-HWXrZxnY-CWn4FCqsfKBSZNE8jiFpxsWa1WgjrwKw7DGIXkFqXmhdR_9SFl8UlKYqsouXEENt0E3n1OLYggQyn0MLaPsi4Q1yLzS7jqVmkfrLlI7sqTM781tIxaUr1QZnL4--pT6s1Mfn8oaW_OmzDc78qRgHk8t2rGBIRBmKqSivnffl-aZeTiCx-Rl1ceqisR5HmkGwM4R1pp0DG0Le_3w4PWmdxkzZkkubWGZibhElyr5ib6ls6UJTMe2feNcA6JRxGxr6EI-meyHnIKdUROlu-pGX_x0Wcr7YQwcGVPbsBbgegx3LZ171tXSLb0lCmnJvxjd3a_6i7afhTgbEmGt-Fu46GWaJL_2KcjYvKBVXYyymebZkmvKeaoVjSLKqWORQpX0HGl-lRrhYWmcfkK9bouq4vntZATUUji6nb8lWuodan0EwMGWGgkl3fQXwlk-CaUkAZ3ZuQurLX0BoIw6fCniig48_-0aM1V9VNwiI8v7q4C_zVkfz2K6Zx9EzGbmYdAs6XWhpNQDNz905vpjRHrhzkOJG3E71FRc_nbuPHEnsp2GYgWSNHbgqYmn1Bgm7SnF_8o5kHf4-2OvfYd5zOHgpEfkRJRNoWOs3Mew2N48_KUyKkGDmFmJWqBCgK3_qZMMxmofL5N2GmI3DhXXLtAhXokHXZeYhcQ0ot1b2h9w2QO-kNKnE5lCTBG_yJs3l-v6eNRd1_nDwnu6ijTdl6AoUo1RdvSTKJLaI8zofe1xKJyNzuYEXQzyj8NOQs_OcSVlyKyvYSnrF82q-5KkvYXE8aDipAckeUd-BnNY13aTpbNt49msKfm0QFZ1H4xd6FoJQRosDkJYgP_a1TJweVjCMHlrHYedT2srq0LyGKuCIwv3fvbGG9LTZsBjULBGZgDKJFs9TjobYEyxEVbaQsAXO2CKuHdk8AniwlZU_S67edmVT7w2mpltAwTvNqppEC5940LlB2E0co8FmoZ_BnUYfLsc74LHewQAxFswPtCM5I_ZrtbV7LHLx6EcjMzS_gEF5sn8Q_thUti8kP3qmtD1t8AlI94p-9_pXAcz4uvUPDkJAF7Ey3qjmCVFjPGC0Lt_MsZJnNBKhNkzqujcoESe8lh-bR5ptsamezik3K9B1moBllD6WvKvh1dFrmKoJXC4MYWaoLjgh2Yxb8XIuYMeT_nhk9NI-Eu_cTLR580HXkDKRe6cAjkeuOko03Lm5Eo2oG1SMwc33ybqcgCp4CoXZVgWXzlmV-owLK76ulSSKX5OK04h27kf7p-KtumeJxLyBqHtFYQFcY-NUAynsWNiqEN8Ahj9C8Z85eKS4zqRtJVb2XzxBf4fy02lWr1kmZO4mD6mOJn52Qy7kEQ5GhkIABIV5GgKQzk-auaDWkYncKKwJ7TzKoQZYAE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:31:45 GMT

GET
H3 200 omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 9F9F 4 KB
0 1562ms
1562ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:34:27 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F9F 0
524 B 175ms
74ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-TKgDOLW3YiPPtryaW7Ku-VpcStn3jhHIZed91lVzK_Z-AJOT6RSA89Oghyx6uXuTfgWAWL7vJftZyOLPpiZaXajHRx6F0xRp3_u9YfA_TAVEhgww26RwpCcTLsNdnO6hSwtU950T&sai=AMfl-YT5fzxaK9Q9uI2cWOLzfniUQWdA9G33qYpsoZbjAaYxo4uSF_Bufjea8RK-QhkV0idklDPX9bdwSF7N2FsPcKymKl8hxeFqCmOTceI&sig=Cg0ArKJSzPfQIB_l5SYCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211109.60574&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 620000111_Q421_AI_zerodefectsV2_static_300x250_NVIDIA_x_DE-DE.jpg
s0.2mdn.net/10774078/ Frame 9F9F 45 KB
45 KB 475ms
73ms Image
image/jpeg 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/620000111_Q421_AI_zerodefectsV2_static_300x250_NVIDIA_x_DE-DE.jpg

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

4c1ee2864c14d4b1e4ed24524809ba704594450f131d6e69c23bc91c4744c08f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:01:07 GMT
x-content-type-options: nosniff
age: 70705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46378
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 16:11:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 10:01:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 658A 24 KB
9 KB 398ms
398ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUOhgLHAlmcPMc0UEvoW9k59w2ii2B2q4jCzxriNpDDBEeecjU&d=CnkAoCZ_4CaHEXgekWkQLT9Q86pn211XX-oh5p7n27TU0fk3jj4jMbkuC3JlA2-_zYLALcMceARzHiBCc6hjxxIX4a_DUVfbIWFD8xrv4SP94cIW12k54EBpfG_inS4MQlizIG9CTo9fv90ZYB7fm74z2y6P9mq1LHerEtkRAKAmf-AC3UsfYoX9bpWnOJG0UwX1UEb_zeVnhkCG5zQyO9F8M4hEZnehs959rxpPhlBINJhus9l8sxJHusEOsVSXFXm5TUm3vmNSKClPvix87Uc-EhhL9k2WTAuTyw782CLTdgvwfwh-M4A95Cw7r1vaHk5YRBB_9F04Ma2_Yw6vPt4WksoPHrOrcD30nNe3CYlBbXJD-N-2FHqrjWo686gxRDXSdLCOU7XEGj76o2g2clpctzGjq2RVlFfma6JE2xhk90Bl7ecEO2wqjOPqYB0olAAilGbbw_uyK-9CDC3bVpzmzyhMXDadpcx3wKCmYUSX9e_CsgX8wk5TLtj41e9BLVbBhqu4tBAcF2Gd_aoeLJikPjvE1BkHLxPY0EyzsO9aqUh1G5NQqNW89xT0TBeB-p24LPJ5eWRp6nHluh5lls0BwmoFgaodvlq04RUszhzHl7yFrj7omDxUw-P9lLrmxRuk4fxzChXxgSeG9Nmi1yA1lclD8jw57SUAUO26kzNuAURuY6wODNbHsOT44EKjDnSbpZezoZi_JEzAF2DKjbUk8NdXm9-imyqP-EnpoglhIfPsqXQAVnXZDvavM33cGtcKV2FPcUsCJw5DwYLo7LB8VcY0H79AE8Q4t13fxATtvqHykXaTFjAM9asgdWCi-54UjAITdVkuZn2XFpffdVK-J0WVQiMuDf6VRW1QiQqTkMNZGyhw0aKdO8NmCO3-tF177O1EiMugIZH2wA7F7JWC1ux0IVHSMcSAjXBpcXVWy29fR3v0-aNyrQd0lqRtvBPaY82m5YWqo9dO_23dvxcHKI7itabF49rNcRvIRW76ZylpovgALV85rH0XyH1cNlB2IoMDXj76VOSQ9MuOsEFP7pJfW80WprA_Z7bISfgVVgtOgr2_PtyGPNnzqA9-_H2LGdCZwaIYzN3MueTd5s6LHYhqvk4g-g2R9_kOvKjbIOC5k6_798Eo1iNTbki5F_PTZbvGcaHDFZZbLUMXqaTKynpQrBYuo_AQCZWjBE376indeq_GfKSZj-20uaQxdgWtFQGibCAawRf5-X6gEi7ZSuJd4nn1iWR5v710Q1u9T_B6S3nNIrE10FByjC75_F9oQaKLk8hjXx1kY9Ngv2kvd-xTSoBzKc2xAgdApXPev5QVWhzxaQCI7HDSMW4OgowWM13Ozu0nqCYKWc6RHELUkLsLAwxxYz0XOd5VwNUo6OQ1qeO-KEFRkVliNrxnOM_khyN9ixu06z47lCCJBEHzXaDNZ-Gh_iSVlE5BrHqfpYF5L4dTS_3Xg4aSABJxJR3sbjsgsFEE5gFYcBOnGeoSAjWWKbiTW5Ry1rgIFGX0bZdMr3ZFQBKkqsND0Id8QhTPqBdYi073Yglw9frooH_Yby3xKq2kBUj5RS3OplKBs9BBbwnmK6DzTLgBD0HKqYzbnGHPKOubSgH80_3zoxaohZMOSRpmqL7JDwZHm_99dg5eZ-4-ICYRbhIfgl6KWFaAB8DVMlCYQP-mE0drGmEpJsmNQ7n0BGGYTA4JSLSsl5mw3vDVFC1bRv-Eifub9f_AlBioYQOJy1ujeool2RzyAeOxQ82ts-tj2Lnt6ULRRd9KrSMAqCElXTzyWhgl-ddo89AYz9L9Nj0MOLatyjNHFdGatNvwLmDYZis1SgWtkAXmyT0wrhOTcR00IweIVwgBbUbyhzJud-xXc4uSZmwbQzFUrA6EfKXtb80ZlpaKHIGAN19zzD_iUv5x5PuRsffsHFj5jsNd2AiLdV3OaasgzPlI5rjBb2vfEFXCNBOnE6XSsKwrLT_pr2p1FiCV5gX4R2MPM-lC8A-pvVMwVO1ap9Jjr7h2LAS3maHw3gJEiiPfDqKZZWLcnELgeP1_BmEkPOgDtGWk7vql4OxAyUaymWEvRcaR58bd4C-bJD0cYmfQ6bBlK_BsHw_JjF5DbM8xmLfTFqq5oXfNHJB8zKvTeVl6ySA8GfwuPfYVhYTJqcKZWUm2GugCuo38ZzPPUYLAk-V8MAq1n9nKeswE9OIeB54D7kbgVKUEj7lr52RSq2dHv6OEYOzQtZhQ_rZaOYhnmqxJWwIaI_W2o3vWIZGhhBeZkTnw0in6axsWws1H9yyuJ7Jcj7WfkCgqcjO_7KhRLUhWRxALHIrOnedbiOVNP0_MWCjJG3flmx34D_m6A8mPb8lg18yBVMc4ZybeHzxdpZuRU1AYFCzVXGh9e1DMIOy_AF8W4APwD-A3i8m92CZOIzWc3Ucu6eaBX6gTLhv5v9sL9MuOJHd-DTjSWquNkfWOvW9N8-uSN-_jfNayMu3VGnhXQkIN8IkSi4JW9mWPxBz8gCuPjwtGyaqWtFOVpeV6hQ9XvnF3_DGuEfDQIFF0gbbbHkz32bJ-SL7YkJlZbaZsPPEHJgb37vHcTECd7f-W-Hk2IvI-iM3j3V1RLML421lGErJKqbgfGE4oiIpmB_8snTZJFizcIwTSQbdXNGSO9Z4-U4_xhOxtzdH43PH-Tktdio-Y4fCDSCjoChkOst0NoqfMC13mKuarH_dBjRlKqsLKlTlVBozGe7wA96rr4Qjp9GSKqzaq-c1RN2j7S0F0I7QvhUCCwLpk9URW-IlbtMa20MmjDlBatrTS8qZTFdWLnh9ObiyLr_PbSWJE0D8DKp-ihCEsxxckQdqwvkmm9KT0UJnQ5ZeJ7QPIZA-QqGMLbXmsRViXroGyuTO0rKSJAvjemgPATK6FkB2REzkkPqXdv1aHmwhrJep7916CEKToM9OiVf6Fhczfq4nNoWMrTKXp4y9yl8uy3fNOdyx8AhtzzWILSd7MLir9mZTSUI7XC7ByOZy3qHGw6tomEcZuLbwhSf8--Re7DsVgRZiwnC5IJUESbhcnsj1Xxkivk3e0XM5rLZDp9YB3C2mgl3zPEttEmqUIQIDnH0aiyshYnjlAHg1b4X9Y6yjPN_9bpPX_wDODRFLiSOU8fNoOTVHydXBS7IM626HlaIisFHtq6_E7VP5x5-yCpJvUFvwz-OtpGhkIABIV5GgOSlz4CjbBjLuY0lpnbyKYi81EYAE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:31:45 GMT

GET omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 658A 0
0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 658A 0
60 B 174ms
76ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLKFUHap_NVbIuJ7OBGuHhbHCSDrqDUGqhu0bD9VLcPiVvgZ33Tw8Sc1mQ8Z4uCo8iwhcbdcDBwfHb9oj04vHfSrsfcqdKEbi6BNjJn1jxJScv_VSEMdCsIRD5Ps81gAjXmoEmPUji&sai=AMfl-YRiu3bgFk11p7DNhSrH-FEsBVkf5Jbn2l82P51npR9hHPhz3OaqQbxNga0t9Ak-bu9iU73Q4qL2dStD56N7uEd-xBGREy7ZxKrWACA&sig=Cg0ArKJSzAcHbrvjF1JvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211109.59287&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 620000111_Q421_AI_moveopsV1_static_300x250_NVIDIA_x_DE-DE.jpg
s0.2mdn.net/10774078/ Frame 658A 18 KB
19 KB 436ms
37ms Image
image/jpeg 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/620000111_Q421_AI_moveopsV1_static_300x250_NVIDIA_x_DE-DE.jpg

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

5ce4f9a7c06277a4e54c9d3cfcba40940e182c6810671a6dc5e32b7201565bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:01:48 GMT
x-content-type-options: nosniff
age: 70664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18537
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 16:08:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 10:01:48 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 803E 398 B
279 B 1575ms
1575ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi6lL-5ATAB&v=APEucNUPCGbLPs7b_8EoI-5MOmHOEB3wYKhfH2suXi9E3TpgtN2A7JldeGmBF6wIUcoxTnWPPMGMINJYwScj-v3LOCLx-1uuBi6246kCk_OWoYSh8Zi47uyzaUDwuscoWoFF8Kxw3tR23PMWvsrwhLbGZGXLNu2KwqC6n1SIaZ_6KLZ0J7jFowo

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Nov 2021 05:39:32 GMT
server: cafe
cache-control: private
content-length: 258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9FDB 74 KB
30 KB 1575ms
1575ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4oaqrQSd2Ai3yzbEPEvwzTRnddw7mH2nNB6Q29P0_g0K2JTTelGOKFDAKCrfR03mJrJ02Svb1fk5uCdOz9JJ4rXOyZCSEnhXAJe_C1Bhu-G8J-gTnNUwf4Hu05ECjNLdVCTcBR9J_hF7pdwTS3-Z4Rl_8Tw&dbm_d=AKAmf-CL6jSZULj8rapi_2TX6qL_km2CMUzyU9WeVwdE6r6eI6jr7HH6IiaHfMAbojFWufPvXjEf3DW3uf9fh4u_vXoIbmnXW7yw7RsAa0JUzYMaSd3qh8zUyEaXGijzPEZDjYa5IKdmIyX6qFy9VfeMivBCxdviGhsk4kT4D8lCMZq14ZHpsLAFdmXcl3oRlFPkpkIbRFwrrbXt5Xwe88d2rCQfxB5H9RDNSw4TL-L2deUMfXRexosN7jUiOBHCt9Mmz6HIRVE2rZUYDW8rnQY0q02DauMpUzRU1iEsm8g30-sMsAvYKoEoZ-LwhbqS_Afg3TgRFn84C4kDHMjvOBF1Yc7ldz7sBJGBB7xbEqpciW5h1sW4L3FWedM2VexEvgJ37i8zBfsXPuAdSguYW1kvdqAAEHRmlapA0Lc25oL8WaPrHjD_T2pJz61hpqqj1vFwsZ9eQNuwZoZW2qNfvWBSDq-DD4wVbHeSZjBWYRJTbVFTwFAZoyN66Kaerm-qDNUqyIF--rqZCl9TapmRkno8CZW_ThbJ8sLYGwaDZL70j31Z1ltpbWPB4aOAeo4OQcuV5qphc2Aqu-4hbd7MGLCQioRR2tAm7qCSCv2jef60Xnk7md5pniFsqgIexK49Dtzreyy_gne8UcfHkpuUX8IwLb5JOfTAJ4mjzgsvL7ePKN9LxA02eXRfWSsQPzcPV9m9y5eL0A1YgIa8RIS9FNcM_D1yZ2zGsa6nBeSUlkVfr3qyqyOQhBQfw8Gbho74bKtwlLb_lOds2xORcPUkqyrbsNNY-lGaOC4_GkULrE08JU3K3dBY_N5FwezQwp4wmXHPUsfG4nmFrLt6pXb7xtr_gglgnAYr78zttQTz_HWTntC1bziHwV68sj_Q97vuUxoWENTovhRI9zWqWxnO4aXdXw8-XOq1JRg8t5TYyAeAwHKMoZShoxsNhypa0KhjgIeCCVzZjuZ-6VltbFkho143oNzCvEMeNRXpBGzHreG5v2dwvssG99HBqwM2d1r-8qCBeqLgMqOdF1mknwIntP2a01cxef_7s2ZTppA7kQJZXiuoVK0UzxWW_bWos7FJ0kFyZYAmPvKRDAg1lbax_a8oMhzzmOXEJV3jiMUA9taSLvtMs2cjRhLA5wi58cdRqZCVAiMmydCNsgsinbNXF3pYpjmz7UjXxi-0uy2WR7-1bMTlAWBLbpCOISjncgl8f6WXvraCQXt7cgoKbH478mtVRGimVV5YUqrpTUe3kXIhbLsMzI8yXo5STHRWFafRgIF7OAMoYl9UIQKpWXvfFC1NhhdWRB_hADjGPHNOeHAg2CX-eBufg0DiXruG2t8VIKYe4xBBOtXym_gJhm1PNFLbd-kY0m7xFEMtTv5KiTtvwR6vywL5mSQkzY0MbyGDssHsp-nM7RznCEnKB0OEfMYYllIu3DXA5WWkMV4WIRdWx-RcTGvWCsMD9-87UJ-B4fqBz5LrRhsrW5mAy8rzoQCp4YTnzTkFiEdUKZ-W_JODUgBsrcJvAk-bxxpliqCkYrSF1iFfzZ3v5sXoF6biVOD1NFcL2ZFgoocbz0quQ5hN2fpP6OASYuiEvcVlIo0Y3sy_MvpdXy3-6QahVGAxaoEidp2VKx88vWu1XgYL3IHMbU_iCvVKJYJU8GAq7jlr1IUWtYIULj9wSa3SBAK3hx4lmJxNEPoE-ZgS1lVKNwcPbe3Me116go42L4TIAvdDgSmUNCO0WkIsgrUmxk4bA3zXyYORLiCzp0ecx3vPYA7mdYFlj6fZTeoeh7kaYsSbdyIxBvGi31sXCquJStm2oB4nArniwBT4czFqvh7fd4FKYKI7JfV3rFEe4YUmWzwgOdkJWvtjWyIQDXhh1xZ62msMFe5r_c0aXurAw2DS85161UBeoHbxLhoc6aKt_J1ztOgFTEVjyA9hi-Z6IRY-ALw1XDjc9gpdiHML6Ulel8527veBqORSA4x-FWkecCjUzWw3P9sA7mKs96wkYFfMOaFq1K4qCt5-rZZA-CyfhBkfa4aijRbqr1X3HxoE8zaPQ9QPz-QxzNk-sq7O050wsd2CDU58bxEqfPrEnauxs4f9tMg9GUyVuYPzvQ_yrWYZpsP40xl2S_gB7vloNe_WRECzMCeRiSe0n-FZbKGQj_dZjz9gw6p-OG8harrqvlcaiwAXo20CFjxa34_g-EbmZ9_7qgMxtlX4GeIMfqV0l5IzFqV9B-61mH45kMU0mEbeuXC5s9sQUFFr5Myy-MGi2aY_flIdK1aMpSmlQGZV-0TNYR18A4IqrkY1ouM6fGo7Q-J4lOq2MrdThkJF-7KbeCJ0N6PQIF0BJizoI6guBTBCgx34XIMakNxh8tMOKIL-O9x0N5wJUJxaZMsPOJR6NX6YYsODRaZX2VkdtRuXvXE2IGET9otO0QbqqMalRQInOOuHKh0U05OotpaUAyhMK-NV-3gI-OOSXJbwJV-K1AGGf2JXyaQ2rJUdYOMEPARmWFvWGX9yjlLitNtYtOWZvhoLCMOY-vtMqiGhXFSCfMNNNQ9Hk6iksCKxCWvMBbNzYh-cvKJPDg_KdI_lt82eGDF542qhScsHBNSbElmDXwZTsPLAktEdwfv5ycnhzppsHl_2JSVmCKtFMnF51PEsKsRXPS7Ad58UAtw5yaUUR8FNYA2TN8i91uz3rsv8zPKvuPNu6lB26-T1gTP8KHvmaxv3gSI8ObEPc38hEDbQFVTo0F9dXj_1lXoEHKaQRAFORZYwYGKLsv6O_Wmfq-04WRpc6fmwryeMDHe0LmoAfXkOyhFhcle0ixLzdeatDaLyVu9lcuOF2AJkS6V2oier7Ujd52WXGbkxylBzlXz511pNamu3RvdgxJZ7ObJmdhVYGLcfoJgkNQME5RrfsVbf7lA8BVhenG80SGYza1ki-7KzxH21YL3qbS1R3YjFH7oNmSfTH31klIf2w5cSfIdEH1GGGUJIabolncWjgxxscMQ3H2yhgXf06WpHbfNKU0W4VeUH_6K6oEt8ZGObUcp1JSDRuv4z7C-uIJLgK8YlHu5BHXdvZdvTYh9BHeyyu5BM6EAvTTl8Mr_v94bE4azUF5IhKEnf60Iweg&cid=CAASFeRoLrdhKgVEtihBK4jPGjc6VVWFzA&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3af7f585fc657b2abf9fd7d20b33bc0d45666e1d36da4deb424acf96a434c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30949
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FDB 0
0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 9FDB 2 KB
1 KB 420ms
419ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:46:01 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9FDB 0
0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 9FDB 15 KB
6 KB 422ms
421ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:20:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9FDB 0
0 3300ms
3300ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSg1KwdqUmYKswBfacuoeOc8XfY4uajq4__i1Kj5g2dtxYxLeb9TpSrpxgtHJbwKMsS8oP7Gbjbp8ojq96Ek9av9zMgMA
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 658A 0
23 B 123ms
78ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F9F 0
23 B 81ms
78ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E2A3 22 KB
8 KB 665ms
665ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 11 Nov 2021 17:50:26 GMT
expires: Fri, 11 Nov 2022 17:50:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 0372 169 KB
59 KB 725ms
39ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Origin: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Nov 2021 05:32:01 GMT

GET omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 0372 0
0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 0372 24 KB
9 KB 701ms
701ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1dp93FCZ8w2OJNsbd3lrqWE0pQX0PiDFFOTjoO1MMdHuLgVjSf6SghunoLfcsvdgAU7nJ86JxQlpxcuIHT1vGvvlzvFUvX1nQ7nRRCFRyyzzYx2VfNCZYOVEfbSZn3IiKz6x8Ql5yFx4ekFDXbWjDnnxXOw&dbm_d=AKAmf-D2e1PUjSaF4IMpQumytI0JQMNXno6qBAH1idUKZfmkBsJu1nUEKWB88_QfPH8iP0-CaYSrhcdKa_VNpQUzov_yyTP6sOxx2DaUY2F-6ivlqzQlWJZPFBuTOp1C5ibH_fy9VRJInlBzmDXwh5aCfmj-fr5bLSObNKUofxUKi7wt92AmbYPmvl4uBYpv2eb0Bhs60PiosHYUQttaK6roJx1ZX6rOmzfLTMbnO_sdGpi6t1zxgVPXbU9lqgC_ZIIGElsOPIY57pxDLN4cvFYdR29SrAnn9G5Y8c7IGuNWpAgQ7YlpQQwmS7ckm1zAnqgHoH22ecxGTY2ueFmBD42HqKcueqNgWFyfOlGljWQH4trKxiRoMavwAzmF19x-PMWPed9Papd_F7LgNC9BMJIVF7kVhU5eXZS-7rU-7-mtp-OW6R4e5aX-RX-dB_JvuB4kkpoJGxjW3SrKWmd1Zk5LlDQrAllIDzpiZHKzi_mgP-S-E8x-HxTQTcLnrbXEzTf0Or0-0QHkNSiel5DnjQxYcLc1mvGRO4yl6SMQSFWyzxwTLWK4OS17oIrBaBxUsok42YDPrMx9wnvLRUPcXrQ7D-xA-B_zlYgz2123dD7L38TzsKrwDTKPjdqY3LFN5o15ajDpPfgaf2MilbedJRGOQvAWqFLhotsE7JSrdGwfhG4mjzhizDxLuB8gAK90pDLOe7urjN73pJw2xjBYy_W4AztwcOYWhjzqnXg1Bwd-reZ1RvXFi3GBgVyNnWX8BTBAPwNBq1xcLXS_jWbzT94Tum6gaOh6nGf8yeDbx8gsPbhQudrZ0sHfB38gbme8xUUMvyfu0hm6THjVyOCV_XmRLOyND5aoJFlGbMYTqmWijH2IPYjeQQqGdE2BjjS33hsgRJcuosNIrrg0Tx2vU1IopeNKmU_lGMDwHrMTJkY1rmqcWuvLo0lkSw0L4aNuA6dTXTqQHxt9dC_Be2ok_GQMV8XYqjMN8WOVt01Aj8qsxSQ9D7M9LimMLTjELYoDBGBIufCVPKuCyCNZg6WIzkCHZvPxHFLwHOm14RfNZazFNdyIx3L1f-05S3Z5j6RhDeszOO1ZakpKVWBh6fIj2c2SAaMAWbhpOHyajTxai36M2N63Ri_2wpEuWi3BH0gvtu7_wz75C2xtkoAKnrKo3ARN7OZFUrDC6hjxwXawTxcA7xznk3cYxEMgkKr-oje8WGszumqfN9SjlTCsOClnOB4eX__xW0NcmWPHAehwLuuJy3DoolLPxDgUFS_qWkUkTknXsvWZ4mQcmKU-nu_jF0MuDa7UTa63JKx1t4Ta2tSSW0H6IzzUdLq1PyeKq8zLNnKEQhM3Ayjv7_XBKyz0CiYz9JrxGX3x9uzm4sQmL7YrEhRoH8f4fDMQ2I11quOqsWJJWm62Vr8A-wydOzn01bec4c8NeqfNWFlKeHv-gCJqqWWPMssjLdZpjyY83Mn1pBEcnYwA8EvGyph2iQheAq0u_sz6kQ6LVp4pUokaSY5Oqv1mtRO1k6Qvr1G43ovsVR9ZTh3SGtGsnoiXa5raUJbl8IBPCA2Bhm6KMgUu20ptDObRY9LQiJc6PZHgv2qH9zCkPdjX7wCa2BXLNECZU1roAwNHUP6P1YeaDlNO_xaFLoH1qYxb0coX48R4FpMdf5T56mec7NBD7YEWdqUfF3mCPPaaDLncO5UfhGO0f-gp0NDRRVl17kTi1aoipPxFnEG8CL0AQeOE5uKkA9z4kpXA7Dj_VmG3fxmmyZD0juFhVVQgCrTyqlT2kFA_Bw0c7AfCV2ppu6bXZqRDCpVoxPLMYFNQHdFwI02UEQeqy-Z4dScLpITgdQBv48tP_dDp2CubrwZeIK7WwNHuhIOCIJICprs6-umvypeT-ZjhFLYNAbpQKKmU4s22b0JYk5-Q0AOwRwJzEJ3A9WqTpWDvD0_bpkNZAkJxgXmHBt9awlHV8VcmnIhpSpEmxpCOfl6qjHMnFXHTyzNIC5VON9WnkQk8miODNbL36ICQSNJJ1TEByOdEmzIpuU0uiGIy7jZINIIRT6n1iAu55rcLxItPLm-gd47OcqHt5zwbfWOlTV7rn-fwayWH6kI-FC4XO6VYM_BerE0isDsJ-YN3YCi-GlcSm0w8Z_8hoRDh2BS9p_j1iHjRJW_qYgtIgJiUqRQ7g8pZ8mjqFYJEyakKwjC7UNr0SPzrjurGsimF7JoTRrUZxEheu4NOBC8hgM6_nHmqdn2foTLQe1T5pR411sGboMuMODZ21p1yq8SGUV7ZGm07k4e7fdVBXlXLU-6CgRCfbziaP2ZdqM2JZ4vaN8Vy42HTk5s4MpES3m89LXnwZ609AaQ4NjUSTtreFys30HjrgcEKtYHUNWyan2fOONuktxeD20zzNr8h3Bzgz420yWfzusFAMzsjq2B9VLJqDU-lEwWiL2GRmXveqNCxgHTX4fIBAqOJu7280j8iiUw4t2L82DhfEa01fRBVBZggkZOK-sGjdE_b3pKYLwfjTpc_o3SV8kz_BTqtk7yNOaVk-lw9UTl3cvkkBV4_WpfMDWBLjeWTsPslBh36sM0EDc1aUXlEXF3QIot2uBnXUXXO0uQSTW-o-dQGrjK5I5Y_h5wUkJ6fGJU0VAvw9QPRr11mwgjb5Bd3tCJbQgfrTmlyWi8A7UcnuqA2ayhFGE3DuyH7PUqfzo1k3LHKLTCGUwowNaOsL4gzFFAL4hOqdVxV4Vnl7BOXmrM0extjpqy3-u5P5ko0yeUyi1VmPKO5nkO_RKYzwWEGc5aBJvoiyJmPOEwRPIRluuvfhHjmcCOMEDseTXyr0jgb5EJKb7SiZesTPx6nWx9hWCLa3IC9LS0nY0Lax-Y1ERoHLeOUij2Jx5E5UDr3O39rCAmFFNy0oqRL9rcGgRhkMHmjH8nexQi1ynhvIoLEi9CHYSop0zp7j6E99OnbvXM0ObQ-gACZu_8Ic5yPIMTyuvbIQ_kPduSfpPALls0r98907lDaL1QokZhxHjoWl_msgeyY75KBsHZiEv7Y1EMluFafkVhHm-kdwHUl9bh-d_PP-vH9ekjY1q7RtJ0a0yTT10Ak&cid=CAASFeRonrgwV5bfhEWU-ZyE_MXNeZ1tNw&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:31:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0745 41 KB
15 KB 287ms
286ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_rsIinqen9yPe9_5ffFGAPtZGdTESly8Knv7F3LqkYDOdop2cgAZzkBr0QahZLHjTE9-Fi112dyPWLpHwNlNPyxjsPHLswTzfXWIuELdm9IFSZ6szBtevPauoTS-l5N_wBg0hyfmF0l-hA8IZcHPROpQplw&dbm_d=AKAmf-D0jKbh750SZLj-ysA0UMQAxAe8RUjBYeymheoFiYFp_pw6Ofta2YZoLrGXWJsapDb6CLMXFkkqqkm0ifkuR_uBDcCQUdjQc0agzN2SWCvm_1HakVzwCc-CBUw4NI3mwoHtjtzZBglXM3ticD29cxlJLZgH5etx-ljQspTmb9Brbf5W4FrZE9m8EGua_eEjh2aX2d5dAwuk_Oq95cGx4Aa1cS5TUPOMrMdJPsx_XncwZdPvvl6uWnlPw6-xvkNqOkn69gaDjl5nMY9EbdQVf7dPI9jyXWTahPIpleGvbVDVUEgDnoIkSwpM7A5dXgf-bp3UoHEOPOpv-d8n6nekSPlXjhN5AHfWU33j8XBNfRJNm2WY51mjNvJW5yPEfee1nKeyeM7NPxSsSYMptBAh9Oo_wT6-mgcgQA9VyHhO-DDDdBvv0OP9pdv4SRAE2ScRicETlTUhQ_1Tk-Yf4366MUDZi54KxiHB8SkgmRZwdpqJZqefnnXyoysQhf90qy8ee3C1StuO3vLZariWdq9JqzFkGlHB__LYejQwbn7sWerNBOCU3iBTHEXC3C33VvbAvKoKZbUyTUwjH9bUpG67ZbLOObsOmWX9XZusXxoyRpDPH10FXIH3iKQMo-phbzf2LgN9qPmDesBinkjPXnYelJQFTwMdG8Kri1T9n9ra_qSUVf4F3_Z_BSCjUFANKhNY9eQyGauEaqJXTyWCcuYvD4sDWDWt219-D6edLfUkIuA6AGW6RtIBlz62o-8DRzjqIXUKSWxhCP6FWCimm1BSuZubXEQx8mqCT7oXiY5GgKmUupBlq9TUhuL_hM5hkZfxii28EeFkWgi22xmGv8UaonoCIVShA3vVHmgj_n8tdfLTzFy5D_3jRkabAmkQ5FGMQFvGthvefGVfS_WKfkThO-95NEPmrU_mYS4cQT0e7kGkxgIo4LJNi0w69jJlfqmAUk5VhXXOw0I5aXg-JU4B39xBKbLDbIGU4UvjwuU8hVKHWeqCJ44S0tf4_jWzJ7s3vQh2RWmghWNcbl47cyW6sPNtFPNxLtv365MVubYmj0uctqOW5UXkGgP2bPM6Xy-v4ntZemD7hilk_XtrxecxANQ9EKNaxEhsAWukXn0Jj581LBE9u55w53oJ7qQG-LCsOxKT3IeMt5jHmEipnVVf3fRc_MA_sIT3MTlsDvkbtcSfqtrVLulA612iA8TYMAbTcKfjr6Oc9s6cTS_MlCZZ753B0R8j8W2spIEuIG43S0LT6ydITGw9EOH8NJF-Pt8P27-3zH5YjiUGvdpVjvMT1-64JBi9tjOstDKv4ttio6Xl34VdrnvH7aB2UrMiKzBf_OWkLaboy4AMTH5vvgL4wGJJ5Py9R5qdFlRfn8iEPkTO-ZR94C_K3PKSvaz2YA69LOHHhkQU-JZ0BTb3TMxv9cNfSHmfaB9sWOZLfhfZzChOe1zeKNwlflevvmSORhqf4PX_oZMkSg7nLxPqGQw2tHw5QmRuOurl-U2hYe56pWrjnlHRHaLLtxyc8EKcPrCiRJ3NbDyc5i7NIw9w-x9-WAHKCqGrhvMnlzZfB4xB5aby4_JFP6b59BSlgU4aC5SSNl_vCpQzcRYhUOiGOxCZPxxBOSmcVRKkauWUQvTMoRzKRxH4nYWrVQZxWjPnBUcyVBqCSqwDxG6T1ZCPx8oOgAcdX3mryBqsgHVAcdLty5Hvl7VQAP9_4-dvTay8W-zYGU7d4GkQM6_poX7ufO1f5B6aVI09PJMf8jyi2qYd1cwa_YQrMs2YlYOWq661l1Kk4bHBTPxBH26FHVO2c3bqSLhZ6CHh4GFSId6oDspTQCMV8G8my16G1S2a680Ezl-c2p5m026r7JHeBHU_P5VUMJsWKtEB1JRoGuNTOodkV0GeaIkt9v_r0w1qP9aGlI9kWc6uGIgCrZ5x02vKtqkmWCrQHqpUsALNMLEN6uoko6V5x_-lhrcyGYPxGBL31ZCUqvDiqJ0nhxXKER3KJQbV3Y1bfbLCV91aATs8BE19Q0bBF-Z4prHMjPB9n0UhEzZ2r_5lQqAfsVxXkUSDwUTslCHX-6Svl8LUfSKE1c8kzczw0_pBKIrbdhvs5sPjQZRpTehYLwFbVOsMkTURZmJSKEvoxuP644NEb9QYKugtYdngsS6AqU9WN66yu1x37-N-_iUbfDgSBRWZNi09yQ-ldDJ1oD5dofBy6lm3l9zO76uVV1o_n49yhYGsydf5W8en-j61jPeby78yICzOflfeKUyFSFcF7lF3OVTzImRpax_-8I6aX3yYTuQOJg_wj3EfhRbJ67z7ocNvZYbtocv25b7BB-30O0oW5h3dxQ9iXL2wMcTldJ6-kq9VU89a0BPojXYoWIgSbAFiDtQRYtPWfRMfOpbr278f_RiSbhyDvDh0qlGl5IhaIuePh9UvNZsD5m_3LVgSYd1BGt3zmVwRgR3k8bsD6nlrkTLp2MjHUf130YCHH72jY4HknnhSvro6AMa0QcqvbTwOuPPsBIOPm5B9JQ1calmZRheLKbWddhNK2Z42sflQRu_u9PGvaQsRiSptipLu&cid=CAASFeRoBnduNQPAsSN2cA4RhF_AjPTFbA&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 11 Nov 2022 17:49:41 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 0745 24 KB
9 KB 585ms
584ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVdL0fG1z9ZZgrNqgj8GIqDyy1D5yb0J_gi5rs44LgkAOUlsZ8&d=CnkAoCZ_4GxqyaEqzPSmRMHuU7iElxdIzIspFkrQkATARadWJE1U5pEpRgTJZgQk-uku7fk5wqMriJhYp7yS9s_6FEHh4AEhu9ByiiA2sUIswyhysSSb9pvp67qeQJBBlh-SZhtbs8eJt2WQ7q_aP54lQTTsRdJWNqwsEtkRAKAmf-DcnTV-Dz7LRFTtHCr00Vrwna7o-OQzU7GvPTBUQkIeo_i5T4jpXA8mEZUCEuT5uynKTAR-MWq88EbtTJY_3c0HK2XqZ-RyPtChrd4YRXoZ73NDP3p6OmHQl-y61Av96r0X90F4A0ERcAQllLQb6c8XLJZ5shRW1I5CMTv1-QRCA2xh34MN0uDDI6006PBLIEnV7IJ9ynKSSiVxIZBjtTmSgvHKCOJ4_Ktj4PHxKwkzzP3zDiBGYftid787f10ABo5_MZGg6KrddZx9HKIMMc473zZpjwX1dycnfcs2H6cJ7Y993BRbjKA1pmb5rtKprV9qd3TUpD9RuqnstKFoJiIpUxQA3SoBJMwYI69uIMXAUq1bh7G-gfjDbyg-52sPn0lnWcxTW4kqcVgl5LkGlUIoUdVzA2j6HRiqips9gcOBEdGm33g9B2-6LXHNEhhxbnvRaevNkG0lYOxkCrQ1r4uqdcy3jqpxDp48iV6XA0U0lpWeMJE0D6CT66Eb_y7fA_HVh8ssPAdjrNxByEKE0i6T5ZmcrEyOcpFmRgG0yyHvAzKLCH1nripFvcj-rIKuMnhXncLOTbCqIF9gi7BIiFrJrP3eOSrC6ZgWPDNVpgoNghu3M2i2bngDIn12mzpfH4ZSW7NkEx0bcbVECVDlHTOEGL2N6u7L9uE1Vl8_piAYXRrQLotI55vT-rX1d9P_4s7urOqoIVLHrc2qQHCxTBINPGB8jAPFqqhJGxLUir67Fto5pHmtRXzrc89jev_C4ANudM9gMDyKUt46IpEKnm51aa55lqPKv1SfoWg3tbnV8mJNTeU0C0We-syHtetN5hNas2J9GMgCqHGx_9cWEoeSdyYy7VM1pYUI1zok05XGoHjqUPjmZTwZhq9etcG9bCJDF6XQBlnBb3s7dvAjeFeTDpfheFtJ5oURPFITHkozXhDyHQ_8c1SJP9najzWV8Yb_t9wSsPyny_vb5QmLuVlJQAdU4LBJNcXYCJuyOiF_KP5yGph5zYO-s9uNIJTwMrFHWRHA8DQuuMQq86IBCf53T4gSD4ztmmTvhlMO-0BSy9kRoLWLLqVJBoxBjIrl52hFEG4tMzmGvtK20ZUoBXfBeYsgHK6IvfDgwbgUWotgEW30yajIjkiCB4iO6kMa8I13hpDf94XX3dOsCEtHGbyfGpYB2CsbjTq22TT5OFXoWH3MAMIzqnQh7HQSNSVynyJrjhqkMWgpnBL9CMTCHHPKTQdVGXzcAoS3avr8sAEqOyGSHqGpah9SU2n1lsZtGuSGUJFi57oGSR4s5lkkfgCM0geBxzsl_Gw3zbRTCKYpDoM3E27C-6E08c40HXXujhn7s48pUNibBOKKsCL19zc8VrwSfGj1uWRMLA5y9P3cnF2VyXIgmqDUZJiqO3APnba5TNNBw2SQBWMaj9-i8kIcKCrLd-O8nxURTzPciUpH6OEEkJSQmXSGK0JraIoyGJtyChjkog1gIvPDotBVCJ9epVg-8Ijb6nDFd49oCultyOIYgp_Wy2T4Y-3TdrkF_UnhMbMBOqCP4G2cUsAncmr1Qa4j9MGAriGQbrYPJi4IxTkX4Gy48hKAs0UJeOSJ7hbpi93fzbRDFQJGzfzIiVINcij_1MdD3UN6YdPcsCvbnJPWwetmXU6Icw3sJnHV4xcAkA4roVrpci2WL713Lo5f711I5ZSWMnS5EiiEIuZfO416ZAtrzgadVDs5ZmFSRIel_Ia5rQI6RwSHw4mdyVdkISjqNyShlS3Ev3cysl7t5_AQ51F01hFbocl-AJ0kPkP0AXrkB-VAs_hsPi4_HBSdW6WZFLMN-NlI5YMnfWK684LyiOfVue0dcBvvBN6KtXP0zCz4XccqJqS017kqI8RG8bEk0FNpNmy6jTCmdRxYwQwMh6mz1arWYQpRzG8gIHQR3NNJEClRTX6DRCkQVV0pRj1uhaF-nyPe8zfJVGPA2lT2Jak-R35WL9ygDZfUNoXFQ8aX0BTtPee5Ktk4Lsk3NGgTMB-4kS0qPTFwPyeoPtmI0prNSjs99NFDcfeCiyAg44qpwk1Wyz4wLzBn6ZEuDILX2hH0QUDf5JIJPSN0vA1CndfhOAF9j1VdsHq_PFvIDZ_8B6a-87BpAaADRaDGNYLABl-bGkO_ZJpf5rOzu6g22fkzA3iC2wHAHjoC0ii6TlpVGGgQbpHBK8L-M-zF_t8iqslHGGZ5efuc8ZM0xpxMO7IFx_gVAzse0FHYwmN__OLDpukgOR_fvMjh52KwTGCtsM300t0OAge-AFy1q3P_WZrXcPh5CJgOXW-aDcd8DilUrs62i017Ccn87gptloBH-nYxaRv-pg5FSpqExfZX8qhuzk85fVrnTDn6abxYxyT-mbGREm6khNQqBd-0DHoKMdN0dcRFjw8xCeAk22gPU3jNTcUYtxFrMZbdvXANir2jEmg9UfQqpaYJdrHtdmFgFCJ4TygtmB3VdjHFr8f75sPLXmxcNwZlcJgNZnyV1PfJdsCJto8HJTyakSviOr91PZC5hGs7yebGnbNLcLkGiCr5EJFmKEtH_WFSV-FqCYuZzTBqw5_RdyH6g38MfohrFq4XWiMCsvPV2EZYOQadeSjLnG01PCMYa2QCCzVEUQRJQX4JYshMwnrCykq9dNE9MTJtchnYPJLX1xI5A5LRLF6gcY5L6iXyZhX0WPLLzweEJI7qNxcV5pvj0OCadbWxQYyRpaiogj0UeFKdYcFf5aFlawRNZ5N782xOhs9jobagcLbiDHUcsLFM-Gcn7xZ5syYD8mPWvpnVoLEUdmS8F-216dJOnOTKvp0_XMMxTkqyxDT-tBXrp4pKvOHHFZPr-MJFNGxr2oPVN5LWdwU5Xd25y1-fFW9kXcflK7l8ULHloHKXcd15i0SRDuMpxLwAV9nHKL1BlKY6UI51vikuoglFmVJrguMP700fudwHFZBSpwPV-cb7XP6FMO1xGetHpHBc3Q544-hfOBcbXa1kvNVoFhIhylmmYDVIpc9bWSGoGhkIABIV5GgGd241A8CxI3ZwDhGEX8CM9MVsYAE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:31:45 GMT

GET omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 0745 0
0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0745 0
23 B 71ms
71ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunp0-cs52dMCAVXbgtRmEpa1vRotfq45j97GjBxcJD3AYfxGMfYz3xyjBe3iYxALJ153cVWQ7My_SxgIwDRH-lG-hdwexeqBvZzxn_VljL5ZOgnqf7KmrEo5idrtYqhYXzbMXrX8hE&sai=AMfl-YRFJ9Zo7pcYmqvP6aCiTFJlqt_ydD0J8zDpYi4vSvMqBUwMY5nC-atWwASuuoEPHAEvQxCKXiCTpIKE4IhhCVa08YRogDkID-wLeWk&sig=Cg0ArKJSzKIMFu4SBOd9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211109.74537&adurl=

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVdL0fG1z9ZZgrNqgj8GIqDyy1D5yb0J_gi5rs44LgkAOUlsZ8&d=CnkAoCZ_4GxqyaEqzPSmRMHuU7iElxdIzIspFkrQkATARadWJE1U5pEpRgTJZgQk-uku7fk5wqMriJhYp7yS9s_6FEHh4AEhu9ByiiA2sUIswyhysSSb9pvp67qeQJBBlh-SZhtbs8eJt2WQ7q_aP54lQTTsRdJWNqwsEtkRAKAmf-DcnTV-Dz7LRFTtHCr00Vrwna7o-OQzU7GvPTBUQkIeo_i5T4jpXA8mEZUCEuT5uynKTAR-MWq88EbtTJY_3c0HK2XqZ-RyPtChrd4YRXoZ73NDP3p6OmHQl-y61Av96r0X90F4A0ERcAQllLQb6c8XLJZ5shRW1I5CMTv1-QRCA2xh34MN0uDDI6006PBLIEnV7IJ9ynKSSiVxIZBjtTmSgvHKCOJ4_Ktj4PHxKwkzzP3zDiBGYftid787f10ABo5_MZGg6KrddZx9HKIMMc473zZpjwX1dycnfcs2H6cJ7Y993BRbjKA1pmb5rtKprV9qd3TUpD9RuqnstKFoJiIpUxQA3SoBJMwYI69uIMXAUq1bh7G-gfjDbyg-52sPn0lnWcxTW4kqcVgl5LkGlUIoUdVzA2j6HRiqips9gcOBEdGm33g9B2-6LXHNEhhxbnvRaevNkG0lYOxkCrQ1r4uqdcy3jqpxDp48iV6XA0U0lpWeMJE0D6CT66Eb_y7fA_HVh8ssPAdjrNxByEKE0i6T5ZmcrEyOcpFmRgG0yyHvAzKLCH1nripFvcj-rIKuMnhXncLOTbCqIF9gi7BIiFrJrP3eOSrC6ZgWPDNVpgoNghu3M2i2bngDIn12mzpfH4ZSW7NkEx0bcbVECVDlHTOEGL2N6u7L9uE1Vl8_piAYXRrQLotI55vT-rX1d9P_4s7urOqoIVLHrc2qQHCxTBINPGB8jAPFqqhJGxLUir67Fto5pHmtRXzrc89jev_C4ANudM9gMDyKUt46IpEKnm51aa55lqPKv1SfoWg3tbnV8mJNTeU0C0We-syHtetN5hNas2J9GMgCqHGx_9cWEoeSdyYy7VM1pYUI1zok05XGoHjqUPjmZTwZhq9etcG9bCJDF6XQBlnBb3s7dvAjeFeTDpfheFtJ5oURPFITHkozXhDyHQ_8c1SJP9najzWV8Yb_t9wSsPyny_vb5QmLuVlJQAdU4LBJNcXYCJuyOiF_KP5yGph5zYO-s9uNIJTwMrFHWRHA8DQuuMQq86IBCf53T4gSD4ztmmTvhlMO-0BSy9kRoLWLLqVJBoxBjIrl52hFEG4tMzmGvtK20ZUoBXfBeYsgHK6IvfDgwbgUWotgEW30yajIjkiCB4iO6kMa8I13hpDf94XX3dOsCEtHGbyfGpYB2CsbjTq22TT5OFXoWH3MAMIzqnQh7HQSNSVynyJrjhqkMWgpnBL9CMTCHHPKTQdVGXzcAoS3avr8sAEqOyGSHqGpah9SU2n1lsZtGuSGUJFi57oGSR4s5lkkfgCM0geBxzsl_Gw3zbRTCKYpDoM3E27C-6E08c40HXXujhn7s48pUNibBOKKsCL19zc8VrwSfGj1uWRMLA5y9P3cnF2VyXIgmqDUZJiqO3APnba5TNNBw2SQBWMaj9-i8kIcKCrLd-O8nxURTzPciUpH6OEEkJSQmXSGK0JraIoyGJtyChjkog1gIvPDotBVCJ9epVg-8Ijb6nDFd49oCultyOIYgp_Wy2T4Y-3TdrkF_UnhMbMBOqCP4G2cUsAncmr1Qa4j9MGAriGQbrYPJi4IxTkX4Gy48hKAs0UJeOSJ7hbpi93fzbRDFQJGzfzIiVINcij_1MdD3UN6YdPcsCvbnJPWwetmXU6Icw3sJnHV4xcAkA4roVrpci2WL713Lo5f711I5ZSWMnS5EiiEIuZfO416ZAtrzgadVDs5ZmFSRIel_Ia5rQI6RwSHw4mdyVdkISjqNyShlS3Ev3cysl7t5_AQ51F01hFbocl-AJ0kPkP0AXrkB-VAs_hsPi4_HBSdW6WZFLMN-NlI5YMnfWK684LyiOfVue0dcBvvBN6KtXP0zCz4XccqJqS017kqI8RG8bEk0FNpNmy6jTCmdRxYwQwMh6mz1arWYQpRzG8gIHQR3NNJEClRTX6DRCkQVV0pRj1uhaF-nyPe8zfJVGPA2lT2Jak-R35WL9ygDZfUNoXFQ8aX0BTtPee5Ktk4Lsk3NGgTMB-4kS0qPTFwPyeoPtmI0prNSjs99NFDcfeCiyAg44qpwk1Wyz4wLzBn6ZEuDILX2hH0QUDf5JIJPSN0vA1CndfhOAF9j1VdsHq_PFvIDZ_8B6a-87BpAaADRaDGNYLABl-bGkO_ZJpf5rOzu6g22fkzA3iC2wHAHjoC0ii6TlpVGGgQbpHBK8L-M-zF_t8iqslHGGZ5efuc8ZM0xpxMO7IFx_gVAzse0FHYwmN__OLDpukgOR_fvMjh52KwTGCtsM300t0OAge-AFy1q3P_WZrXcPh5CJgOXW-aDcd8DilUrs62i017Ccn87gptloBH-nYxaRv-pg5FSpqExfZX8qhuzk85fVrnTDn6abxYxyT-mbGREm6khNQqBd-0DHoKMdN0dcRFjw8xCeAk22gPU3jNTcUYtxFrMZbdvXANir2jEmg9UfQqpaYJdrHtdmFgFCJ4TygtmB3VdjHFr8f75sPLXmxcNwZlcJgNZnyV1PfJdsCJto8HJTyakSviOr91PZC5hGs7yebGnbNLcLkGiCr5EJFmKEtH_WFSV-FqCYuZzTBqw5_RdyH6g38MfohrFq4XWiMCsvPV2EZYOQadeSjLnG01PCMYa2QCCzVEUQRJQX4JYshMwnrCykq9dNE9MTJtchnYPJLX1xI5A5LRLF6gcY5L6iXyZhX0WPLLzweEJI7qNxcV5pvj0OCadbWxQYyRpaiogj0UeFKdYcFf5aFlawRNZ5N782xOhs9jobagcLbiDHUcsLFM-Gcn7xZ5syYD8mPWvpnVoLEUdmS8F-216dJOnOTKvp0_XMMxTkqyxDT-tBXrp4pKvOHHFZPr-MJFNGxr2oPVN5LWdwU5Xd25y1-fFW9kXcflK7l8ULHloHKXcd15i0SRDuMpxLwAV9nHKL1BlKY6UI51vikuoglFmVJrguMP700fudwHFZBSpwPV-cb7XP6FMO1xGetHpHBc3Q544-hfOBcbXa1kvNVoFhIhylmmYDVIpc9bWSGoGhkIABIV5GgGd241A8CxI3ZwDhGEX8CM9MVsYAE

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 620000111_Q421_AI_zerodefectsV1_static_300x250_NVIDIA_x_DE-DE.jpg
s0.2mdn.net/10774078/ Frame 0745 22 KB
22 KB 341ms
40ms Image
image/jpeg 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/620000111_Q421_AI_zerodefectsV1_static_300x250_NVIDIA_x_DE-DE.jpg

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

26e0ecd973d2c25275a50b519dd3d47982c4e77302bee461c698db9768c9757b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:01:42 GMT
x-content-type-options: nosniff
age: 70672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22066
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 16:11:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 10:01:42 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CFD5 41 KB
15 KB 220ms
219ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D99gT_aWDZxc1AgLmiYobOFJ5xcVw7O3fGmMX7jj_84adEomYOrJvgvYIN8z_NBhpLhAL-iA_jM-UuaUCwfXTNcB-c8t1YA9QPIwxevNL0k25uJkBzneTKf2PWYlRcuqn0SXaWaTj6lWPOkmRbzvh4k4FYFw&dbm_d=AKAmf-CBBhLOmgl9odVhYdae1yHO1Hmgsx9LrvBkLWTxWXVcuTWQ_JxcTdtJMfzj-BR9sy8HnEuuc3txVYeHVmeNW1xebOYlM-rmluPYDOKCwptL5h1TKvkc0wPEJuaA5RuRZ91foiCh-sgZXeLAK0GQGL2pVXuP5YKtlQADoKu74Zfyesjcp1dNARZIPZL5yWxYcJ25sITFR9i_u5Q80BZ077sIYxchLd2IupEkx9LuCeQqpfHtm_45Rb8skYDoTO_q1eavKNBwFr2sNhOOAqOvYrIQSvI5lei4ECwQj-A4JlXGOXjjxVz2POitU_gVxDbXyyotApnbXo3b9maB1Ul8Wk9gXqZQMr94MaZ9_HMG8HUFt38vPQVvJSqNopVTaPEE0Lkg_6uc2pO72OX_UwPk0zP2nxwvt1qTpY-2yBszaRNFcZ52_viEPGvc798AVO6dmIsE7-q1mH6ws6gI0J2w1oqpV05RW2pKQYm8t7X0TaqbFarKSPv7CYcMOR8d-CuM4xaATmJJ5OnYYcxXEe4vxq42Tr1wvNXYNyjQgP1nTz4VA-foLzi5ZvGCES8hbYpXIE5tM4eSbUrnbaoEcZWHue9RaYcjyAy5yeqIRDPt_GK5EXtv2W9npCgIea4HONO6HZyaQhVqe1wBvRBkiECuFaDlb2R-XzBi0inraI07eRBy3mjYnCPVXWAlmA-i0M4-VBHk1jNTMgSms-GKvbxRjZgYBbG0mzx4-UgGNu_2MUyKZimcQ26WZc0qKbl4293JLFkr-MG1xZglpBxwzgZ16-bbDHocOM7K7bycvuIokpqZ-Xmhi_Jq-u1gP_mQE8RGst4p3EKbQsureCkNddNhBKubGnQUZ_akL_sAplyEih05oFSj8GoU882eA2cA1eJj1x3h_I3FjBadSJUHpwaxdgYDo2pgmR5CzRrBSauuQQtonh_APOPJ0FPuZiYD1q0ttBMDtBS82-ZcVQDHMA18VFVuMXf4XIWUbhH7bFcyGomRbjRNWnZyghHqzTtjRsLC8sUhEIyCy__28RZWd-OghZBuY1zm65y9dEXII0k356sBXbgSDFAwWnY0YSy_l9rktQkWn0b0-MGGkzcILgV9LN0GKE1hsUAfoj5BMaEqc4E8vUcyINSB7TT_V_Vv2dcg_kL-_i-2_-dhyzXf_LBFU59lA-sZpgjrgGL87Cca3dA12YpzokIxRs7Qz3XZbvk5ryY384v-AWGA6htlXHxE1wV71AFdUq-8xvYKX19dDgxv19s4V4fmDXV_OZJED75_HzwfXW3y_BhVUFcsLB4nEztDzHJBvTt8toNFzDoS4OXszIaaIMgXS4DkZJqBz6xRBUH7b7CYRueL_O5OqevHa23sz5Qiv9JUKym3YxkLjEKSfwY5MU3lAp5ob74d051-LcxJBK9B13SPpanef4dPApi5ypDItGg0SgWO6MFcuZPS5JnnS0NnJqEB24xZMnDcsX5dsRHytOVKu8BiEmUCYKcHi7xF1lN3lqM8Hv-sFrIIU1jLNqaB6cplh-ttIScLBjGxmCUNRz2hEG0NmQd-mXPcirWaDNkdaOmD5LCxAUBwE6-Patcz7X2x3d5kTxxhjdeCenEMpkItPAl-SINHZtkO-ADUoCL4CVJJMj4PYtZoK8nDvUV6tLfOmx4ooho60g-nrxg_l6tqxiDYrr52kI87EdwgT3m01xoxTpAHKAdw_v-mw2XAVXmhpj4C7EOCwruhkaGGVmO7WMVzBsDo5ctCoYSUwbDhL5_Z7w-BDCm0GQkVNi6sAzO3WlzGsojmRF07hVAGFcqxgtUHYC6BRXoOk0izz_Dzhn9W9fgpGzOw5A6biCc4utLe_l2UTYr3-tGyWMdMwxaaCKx8xSCwIgDU3serNwKGuM_BCu3sxk3Ys-31xrkn268_-NIhL2_Tk4BcpLs-cJGaaio8gr01B2GdidCJIt16OV0ZVl71U0QpwC8FqVV1J8B6Ey3rQOEX6nx_ku0zYMxnMZ6-SsvbauXwlBqhCIuoDNtZoTfc_cf-BVQEXD0iGWR5IPq3zxAjpaGQqcXyDNVlwZln3rLmlktL1uaDQ2iscyrz8Esc5w5s6-9r8JrAofbtuLkYI0liy_QoSIo2kIN5yYTSHazm5YPcFyAq4-kmKRvbq7XVtKwIyTNugQ-0sBR5PUDpaN9EZBEVb917E076ssfRmIWKPjMISTW1HWGpCT4js7VL6EDnptqSzcfLEKK9TBc2nxbrkifI_VEcPWqa-hK_lS-9aGUV9frvzzJYPKZuPWPeAEAZ87qpTeABMigMQR7FSj5nn-c7ih3I-WJpMvEsh401QqUx5F0B7qJKbe5DzB3_SaaruLcmUCqH8uq-V8TKpx7hoT-hDMvnhRS4Rh8TapAj7_3Jd4hinTel0RD-utjoY3SdumxCxOPR-ltEO0ue9SCIIkfPyGfhHUrP4L8oOg91mBroKhRur7w2v8arVTZDStj59YW5PgEfH9UDyHuQ1WEueUz7fN5zeBQgd6FlczLManMVgd6lvZU7ZC38CDGGxRmpGSsxo2g&cid=CAASFeRo4yT-mKC7I4RhqQS_bSyKIt3pbQ&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 11 Nov 2022 17:49:41 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame CFD5 24 KB
9 KB 2516ms
2516ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVMwhUlUXaEJrCWyM7RP_l7pidB4KYJ3pVf--yqB3huyiNz4Y4&d=CnkAoCZ_4MvYtcPOeE45vFwl-iM_Rh8RcmpZ3NUSmKcyLR5X6MRAJJJOEI5yjKzXWtwDwhD38P-F8-yHcGFMAdL9NngLibSan1gnjkerVrreIiTYFd3pR5rlubkG0jixca4Tp7_Zp6lUoqiVJ9woqLG6cBCqmLa6kiNbEskRAKAmf-DFVWcXWUIfCDR4a0iqRx5b1gSfF-ti4G7N71PlxIO-6UzZ57XclS5NV_RnONLGYSQr2XXRx8o2nnHkIKzHZDdAbiO3ReaCTLi8MY9flGpXhz06YeLMb9HT4rcN_7SiTqOrc1jc34T8s72xiS7g-RUtl3sKkcm03bpBNfCXcLoDkFibxQvVADxQ9iLfLU6Y_jssNgawQoOKp_Wjdi6MvYd1QuzGBT92FRoUbl1DQ72VfzAFzxQQ3dYaNKALsj0ddLSE7jl8QdUbtSXhumPz4P4MsmdodAocHGU9qeGirapNFopyQEaOgXdxTHPRW_MdlJ6dTwnzZJaORUX9vqXS-2Q9RB05_TxYM64rub64WE2Xpl5LWEp_7rpzNZVEDpyIWZoVZmtPssZJWpOlQOtDOI6KctJfgY73Af5Owd7xVkYTDcmvHuCBIlKiYSYr2CoH_bAVYTqkVu2QXziAvszMs75tQUMA5Ny6l_07b7_kGv05KoM9sU5XkFQle6gxqAbz8mS5tWRWV3Tk6kWd0uXcxg-tD8jJ_zW30Y5sF0XmRAWW9dltEskXjAMQkk6gdIKKIgNCsHaUWtIOxv0f7RRm3ABc-dan1f7crHVt-sLQj9CivY0U8ae3BD9fO07EEZ7NXePie1GeWEbEGvSwZSKnoAWYUAxGutpu9MHx0jqweiPgQ8hGS-392KByQ60fcjGntnTpgnBEQjsh_lkEi2BniGVPGOz4_321DE8C_rxmPp_MO5f5r4-MydsktD3V3lk4yfu5f7F4ptBcM3vhCgC68uIxgPnKIKfrfgZgLf8uhFxynfPBodVwO5qzjfrm46mgh-A1Apx8xr5jIxI98MZor_3Q64yGt8PLLQSU2jjg8JLDE_BZI2RIaNYlAXzF9TYysqeIbFIIYtrtXt0fxzHAbVcfJMTzjKuRlc8Zt9DSagyUnhEYy4Uv8Q0rhod5fe4d38rieBS67vZjeevryW6tKXuM11BIyokQn20oQcXSvgr_XfnGVfr0dglsp_Zcr5231-nYOWZj0u5a9kMUHEizkY0yrYMgpAkLF7rtgqa0pYEEgH2oNd7quXM1GgjV2jSHgOGGgL8BdQlFiyqslm3mLltGStv-zMNEscvlFAS_w2AYth1PnOzE2bvE9qW7bLoGFxFMk6QIUhgNfdJz61OlWM92HVVcf_yTmQKNFyUJHa1fQ5cWkvDwa-T5r69yrymwoujSDUXyC2OSBr-KjMwFq8Xddnd3CeW6zLYhU9Nu7Be0ciJl5bk9DaXkn-cSefZu7fnC1pp6xGzjsnDbOetxRAwF0KFTVjNn1NBa3dASBFCq22zXNdSBNgZodDABn_1q48biTcDewjQuvK-yEJ3hRUbN0U70tdc-evFRNyeHuYAEX1DseyhmpUbgjs94aOBpipZ8YzkDPtegXOg8_BVz7L1GlS1HGVJ5BGuLwfE_M-9xtDNwx9KbSUE1uY1w_wgDqNhrj3eI29ucPwqZa7N3olH8UmzeZqKw3SyBMeDrgtmVaIp93cmjkYZMSj-8LKierf9R5MWGH-BQ6kb2CMOnFOU8LjDxDvyBqaqn9NUv3IWbpnTiRrhsgUjQNOPFWpG6BN8t4oDu4vDtIbRf3xBsxfAl8HP0FTVgn88GU0YL6mMyHaCzVqyGTznrQYzxwUff4-uxx6HtvmX9Y4vevUw7psBKbUMqy0hRwGclAsRTAxkxmhAAAsBw5jZk7V_pqUKOO3F8bNbS4u_gTyZ8wCFSmbKDPEr1K5vax6u30nlXFPYP0tkHrk7Yr7uAJ_1isSop9kgE543vjiblvh2GyWOquNSYjwh3ZfI1HHtZyKGpZHdDuPc1MAx95cf3I4nzmisDXhw5YmWGiPMSkq-Y5DHhwLBjk2B2Ghah3TrprrA86nO4CAVc5UBM_-_8dG_iQD_A3TQyzOPLBa6c9T_GqbJtpr6pMUs4LxR7aKpWFRKNII4sIRMsvn5oQo0dh79S1i4clMq-b5xAm7MzmqDJWOxLgzb-2xnPD1tY1m37Ad8usVe-hjyZLvBVKoQ67-5XcsgDNqUxu9sKi-GeftLu1Cefz1dqht8nQUxfA85DlwwDJVb2UERXp3D_WqCm0xYUGxbNKrpVdEa_2DzSLLoCUelbOYk5By5qiw4ZIKuJe5xf8I-uB6ykXGoCKjitVoRpOxsq7LGHROd3ti6Y7gRSKfASCfmK0yeZrDNzZLSFNNcjnaaUfB_u0CtcsYJixtFr3C-ZWJhcZ0z-aZ-XACbyk6IQvrg5cyWe6qnShUgKPjzRlWvEUkRFhu81dfHU4AVxNIx-FCBTHG4ZSw8jFNNc6lj_RLGcnHQADcEn118-cdlOp2vBtZdc0gp5CKkRDu1K_7k9j-7N0cba5DUhLgS_gFPVGBlqGjdG3vlAS2SGtyr82P6zNCPUlPXfNmQANFGK2aasddywS0K-PKISeVi0qbJby8PQte2msdcnTe0xTPNolMdNbxF-4SYOzwVDJ724MAnrMwk827iumJDgHvtUTBsJ5WdEIbi68lwaZ_I-XraM5YEz_4oI5meJbL6mWKNo2vUJp_JzeyiOabFOmDwwe00_phvFDuwqHwGnEn9Ozux_7v1WS7ZGq5vT7IzNeQhTz0P3scSTSy_0a48I-TfDqPrwdEzn7xhI0x-LTgkFTgIu5U-cuLZytQlGapzS4tnv2mOjFVfVdASFotm51wSOsFzR1D_qxRc7Q6RQ5qRKD7x-rWNi-OJrP0iL6TDpgzd69B__aLbBhwoiMx9q83oG6pXCkK0t925-BAd3L6xh3p7pBXhyVflaEDt6DD4fO7SyBlCyP4gNF3FTgE0rCPjTxNRnDf2GM8ySdDcYUm5NfPLoUe6jFvGa0tP0UH-KofhFLSnv8qrKXhpF7Dc_rWD1bUzX7x8HSPVXvWPlyWxNaJkpoxQBgasfkXKMjOPHquEbQGW3izksBI3dq3NDnHtmz1HUlMVM439eS7cVHik_ze_rk6Gdkvk0nQwaGQgAEhXkaOMk_piguyOEYakEv20siiLd6W1gAQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:31:45 GMT

GET omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame CFD5 0
0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CFD5 0
23 B 72ms
71ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-tipZLQR2XOdPk2dI2HOoob6HkdZ8kz-AAWRM7ryp2eDuTBzjuqpDmOtouUps6IfGMxuNya2Tp38qBMyC_5YFhGS1v4CY3S-0zatneJpFwLhEtluWM9RmxCNHFKBeGcnxyNTbx7EI&sai=AMfl-YQQLlp6_scrBFDGBmpIaT0EYQlSlNFpY5vJedXkgXr0scxz6YUWBFoLuhvnGIuAgdRLWx5nhOlCRYc5oV48oR_gA8sSRx5dWXKbRK4&sig=Cg0ArKJSzLIK7d7HeDE1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20211109.17116&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 620000111_Q421_AI_reinventbankingV1_static_728x90_NVIDIA_x_DE-DE.jpg
s0.2mdn.net/10774078/ Frame CFD5 19 KB
19 KB 341ms
39ms Image
image/jpeg 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/620000111_Q421_AI_reinventbankingV1_static_728x90_NVIDIA_x_DE-DE.jpg

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

5d61bef89d6850c7459614ce542bb9be2daf8a7d68d270033b85a0d619ef4aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:01:48 GMT
x-content-type-options: nosniff
age: 70666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19046
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 16:10:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 10:01:48 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 9F9F 7 KB
3 KB 34ms
7ms Script
text/javascript 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=300&h=250&c=digitas01cont2&js=pmw1&base=te-clr1-12a5f8f1-0941-408c-a41c-b6483b66ed6a
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 535a4133016d221aca502ded2959ba988b27a108169393981848bcf03b028f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 05:43:11 GMT
content-encoding: gzip
server: nginx
age: 86183
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
content-length: 2470
x-amz-cf-id: 8TRrdqDxZqcLkB-DS47TQSUlh-XryLFRy6BcriYY8kqFypqtWdWpVw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 9F9F 38 KB
11 KB 34ms
8ms Script
text/javascript 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=300&h=250&c=digitas01cont2&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 19:01:13 GMT
content-encoding: gzip
server: nginx
age: 38301
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: oiWctlMQB0o6rFM82SQmlWJphJ9w_XxXqTEys3KfEVTF4JRfkrepgA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 9F9F 43 B
383 B 127ms
101ms Image
image/gif 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=300&h=250&c=7772
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:34 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: hB988cYZNgaSKeku8akL7GNMmuqcyuV4WE2hV0RrkA29fXOFPy2yMw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C55E 22 KB
8 KB 258ms
258ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 11 Nov 2021 17:50:26 GMT
expires: Fri, 11 Nov 2022 17:50:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame E2A3 0
0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0745 0
23 B 72ms
72ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVdL0fG1z9ZZgrNqgj8GIqDyy1D5yb0J_gi5rs44LgkAOUlsZ8&d=CnkAoCZ_4GxqyaEqzPSmRMHuU7iElxdIzIspFkrQkATARadWJE1U5pEpRgTJZgQk-uku7fk5wqMriJhYp7yS9s_6FEHh4AEhu9ByiiA2sUIswyhysSSb9pvp67qeQJBBlh-SZhtbs8eJt2WQ7q_aP54lQTTsRdJWNqwsEtkRAKAmf-DcnTV-Dz7LRFTtHCr00Vrwna7o-OQzU7GvPTBUQkIeo_i5T4jpXA8mEZUCEuT5uynKTAR-MWq88EbtTJY_3c0HK2XqZ-RyPtChrd4YRXoZ73NDP3p6OmHQl-y61Av96r0X90F4A0ERcAQllLQb6c8XLJZ5shRW1I5CMTv1-QRCA2xh34MN0uDDI6006PBLIEnV7IJ9ynKSSiVxIZBjtTmSgvHKCOJ4_Ktj4PHxKwkzzP3zDiBGYftid787f10ABo5_MZGg6KrddZx9HKIMMc473zZpjwX1dycnfcs2H6cJ7Y993BRbjKA1pmb5rtKprV9qd3TUpD9RuqnstKFoJiIpUxQA3SoBJMwYI69uIMXAUq1bh7G-gfjDbyg-52sPn0lnWcxTW4kqcVgl5LkGlUIoUdVzA2j6HRiqips9gcOBEdGm33g9B2-6LXHNEhhxbnvRaevNkG0lYOxkCrQ1r4uqdcy3jqpxDp48iV6XA0U0lpWeMJE0D6CT66Eb_y7fA_HVh8ssPAdjrNxByEKE0i6T5ZmcrEyOcpFmRgG0yyHvAzKLCH1nripFvcj-rIKuMnhXncLOTbCqIF9gi7BIiFrJrP3eOSrC6ZgWPDNVpgoNghu3M2i2bngDIn12mzpfH4ZSW7NkEx0bcbVECVDlHTOEGL2N6u7L9uE1Vl8_piAYXRrQLotI55vT-rX1d9P_4s7urOqoIVLHrc2qQHCxTBINPGB8jAPFqqhJGxLUir67Fto5pHmtRXzrc89jev_C4ANudM9gMDyKUt46IpEKnm51aa55lqPKv1SfoWg3tbnV8mJNTeU0C0We-syHtetN5hNas2J9GMgCqHGx_9cWEoeSdyYy7VM1pYUI1zok05XGoHjqUPjmZTwZhq9etcG9bCJDF6XQBlnBb3s7dvAjeFeTDpfheFtJ5oURPFITHkozXhDyHQ_8c1SJP9najzWV8Yb_t9wSsPyny_vb5QmLuVlJQAdU4LBJNcXYCJuyOiF_KP5yGph5zYO-s9uNIJTwMrFHWRHA8DQuuMQq86IBCf53T4gSD4ztmmTvhlMO-0BSy9kRoLWLLqVJBoxBjIrl52hFEG4tMzmGvtK20ZUoBXfBeYsgHK6IvfDgwbgUWotgEW30yajIjkiCB4iO6kMa8I13hpDf94XX3dOsCEtHGbyfGpYB2CsbjTq22TT5OFXoWH3MAMIzqnQh7HQSNSVynyJrjhqkMWgpnBL9CMTCHHPKTQdVGXzcAoS3avr8sAEqOyGSHqGpah9SU2n1lsZtGuSGUJFi57oGSR4s5lkkfgCM0geBxzsl_Gw3zbRTCKYpDoM3E27C-6E08c40HXXujhn7s48pUNibBOKKsCL19zc8VrwSfGj1uWRMLA5y9P3cnF2VyXIgmqDUZJiqO3APnba5TNNBw2SQBWMaj9-i8kIcKCrLd-O8nxURTzPciUpH6OEEkJSQmXSGK0JraIoyGJtyChjkog1gIvPDotBVCJ9epVg-8Ijb6nDFd49oCultyOIYgp_Wy2T4Y-3TdrkF_UnhMbMBOqCP4G2cUsAncmr1Qa4j9MGAriGQbrYPJi4IxTkX4Gy48hKAs0UJeOSJ7hbpi93fzbRDFQJGzfzIiVINcij_1MdD3UN6YdPcsCvbnJPWwetmXU6Icw3sJnHV4xcAkA4roVrpci2WL713Lo5f711I5ZSWMnS5EiiEIuZfO416ZAtrzgadVDs5ZmFSRIel_Ia5rQI6RwSHw4mdyVdkISjqNyShlS3Ev3cysl7t5_AQ51F01hFbocl-AJ0kPkP0AXrkB-VAs_hsPi4_HBSdW6WZFLMN-NlI5YMnfWK684LyiOfVue0dcBvvBN6KtXP0zCz4XccqJqS017kqI8RG8bEk0FNpNmy6jTCmdRxYwQwMh6mz1arWYQpRzG8gIHQR3NNJEClRTX6DRCkQVV0pRj1uhaF-nyPe8zfJVGPA2lT2Jak-R35WL9ygDZfUNoXFQ8aX0BTtPee5Ktk4Lsk3NGgTMB-4kS0qPTFwPyeoPtmI0prNSjs99NFDcfeCiyAg44qpwk1Wyz4wLzBn6ZEuDILX2hH0QUDf5JIJPSN0vA1CndfhOAF9j1VdsHq_PFvIDZ_8B6a-87BpAaADRaDGNYLABl-bGkO_ZJpf5rOzu6g22fkzA3iC2wHAHjoC0ii6TlpVGGgQbpHBK8L-M-zF_t8iqslHGGZ5efuc8ZM0xpxMO7IFx_gVAzse0FHYwmN__OLDpukgOR_fvMjh52KwTGCtsM300t0OAge-AFy1q3P_WZrXcPh5CJgOXW-aDcd8DilUrs62i017Ccn87gptloBH-nYxaRv-pg5FSpqExfZX8qhuzk85fVrnTDn6abxYxyT-mbGREm6khNQqBd-0DHoKMdN0dcRFjw8xCeAk22gPU3jNTcUYtxFrMZbdvXANir2jEmg9UfQqpaYJdrHtdmFgFCJ4TygtmB3VdjHFr8f75sPLXmxcNwZlcJgNZnyV1PfJdsCJto8HJTyakSviOr91PZC5hGs7yebGnbNLcLkGiCr5EJFmKEtH_WFSV-FqCYuZzTBqw5_RdyH6g38MfohrFq4XWiMCsvPV2EZYOQadeSjLnG01PCMYa2QCCzVEUQRJQX4JYshMwnrCykq9dNE9MTJtchnYPJLX1xI5A5LRLF6gcY5L6iXyZhX0WPLLzweEJI7qNxcV5pvj0OCadbWxQYyRpaiogj0UeFKdYcFf5aFlawRNZ5N782xOhs9jobagcLbiDHUcsLFM-Gcn7xZ5syYD8mPWvpnVoLEUdmS8F-216dJOnOTKvp0_XMMxTkqyxDT-tBXrp4pKvOHHFZPr-MJFNGxr2oPVN5LWdwU5Xd25y1-fFW9kXcflK7l8ULHloHKXcd15i0SRDuMpxLwAV9nHKL1BlKY6UI51vikuoglFmVJrguMP700fudwHFZBSpwPV-cb7XP6FMO1xGetHpHBc3Q544-hfOBcbXa1kvNVoFhIhylmmYDVIpc9bWSGoGhkIABIV5GgGd241A8CxI3ZwDhGEX8CM9MVsYAE

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CFD5 0
23 B 72ms
72ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 300x600.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/ Frame 8E4F 4 KB
2 KB 346ms
45ms Document
text/html 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

5b5c68a5e1ea3f117694f86409677a7fc254b8e5a067c3e9c1e2d6bba14a83ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1656
date: Fri, 12 Nov 2021 05:39:34 GMT
expires: Sat, 13 Nov 2021 05:39:34 GMT
cache-control: public, max-age=86400
last-modified: Tue, 28 Sep 2021 13:34:54 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0372 0
24 B 79ms
79ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtV05i3puee6lXOre0dfeolspEZwwGv_B8Z3wYGShmWur47SugTTw_eSv9hh3NkF7X4wcHyWpKZRBsjgFUBinS3Yc4tA5PB8XdfeOJDXXnV1lBh_liAHOE6lsXjQNjKCPj7j7iUYBCneXdWKMlMU6CYsg_0txZjWOJVUwSBqSFSwT7xU2WaZZ3oGPbWbQJ6LV5cHXLypoqihBi1t56LbPErgmCVHuP6-0kY0zbxWuMyL8S3ve4OU-RoTIwf-HomOcwyfaNoQSnpO5qKyiF9hqAQzFlYkK84nJVzPF4uIC-W0L3IhbLryYJPUGzCFzpTH6PJCZ8Iz7sCXn4hM-uWH42oiaC4fVfA6w2Qt86GXiux1HygHSsseY-djBT5Utv5HfaoQR0VpZkhKMlnT3VcC3vurfP85Fb4wqVK6wAIBeoaKF50w8aBHE7gisQ-xtAF9mZz8xm0y_dBSxX5Wo9HzTD-Avr9JvZDgj6AolXsE9ktipOKys_LmZztePAgUSjMMek7opUQDSHkfgiCcunSPClmhOJ0lvGlCtaq1CYWDo1Xl7ODxKObN_ZpHqSB8tdjnyEMD3SJCbMcoHdCpuJdc6ApNmDuSp1BU9-MhFoNp3sZiCS1YkTqpv74VAhQvJuUF-Dr9Pq62-zpcyG_pcueACS0ydSng3vkauWdQEvDrOmcGPl-FvKbsHN_RofRaIfdy3nQ-55QBxXJkv_9VzPZI5-OzRQtkFt3u8_YtWOegqCMUtxKDMyuxzOmo-RSWXXqMIvvc38Z4gJ-Wkz_t9qE5ruBxRDv9QJ6REy8sPO6_aOwGjucBBPUu_EELdw4zoIJ4cAjsGQPCMrrVylYa3GgMsWbGniZeht0UWXbUUSMwvax0wUS2qgqJWJMnb3Ljgvcy13A9-zV4P6bvmpsv6_Y6VnwlrrVkW4mNdZfLQWU_18LhFgjg8HHB9kh0AGjwr0cTUgaN4JeKJ_ANIXaFzlCoQ_yn0X9y8MYaM8VIuMZe2sItENcTC9KFjF6LcqrYb98OzwIVZRWuvTf5CRxRtuZqNtIR79FKMtP7IZadx9zo-tyTqlQ--U6ZXnLVHH1-Uj25BHMaCDQYcC4DrsRzE-287co63x8ahXg7Swics-6BDzHD24B4u_L3JYwDeGXWwXcmbDVOfAKytE2bCxKyP-SgOl613gLg_lY-2PYw&sai=AMfl-YQSoTPOav9MXSjhLjkbt8bK56GwalfG1SVZcTs_T7OIndZW_gLGCSeZ8THv_sM6Yagk_DvZCDNj4uVCIaqKC1USEbURCxeSQcrBfxlHUbMShwOU7LQ9BqD1wn8-zB0ME2hYx7oIJTi4QP7Ae62ylaNO6aLfa4gqvUb9b_4&sig=Cg0ArKJSzNgBOqlFhKG5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=823&cbvp=1&cstd=817&cisv=r20211109.01139&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 12 Nov 2021 05:39:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 31C9 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkgyODBwieXVSLUErEvjyFPDQXsCAHOXEcmjr77-2BGyox2x-GnTEpCoobVHCFiMaUINLFpQijD6oAtGZMFZ6hZqWlWevu3d7qE9M4Oi53h6x06EFTp4G-ZvUxKPUDRmpZtfTKqVvhdi8eRYu7At9X_ByFcg&dbm_d=AKAmf-A7vhM85GF6sHXGnUzwzfUwCx9N6dTsYgY0K24t9OEr3yKYB5_0gKyC4_Y4T8VUpFhDN9zRpApL-g9zs5MTJUX9IRZcsbt86wNYldmu330w2qkjg0L6qjIcNxPb5GTZ5UvlsG4iAiayE7Epu2gs5sRQ89EhfXsv3i0UvUpYNGOlKshUQKjiD5u11Ez0bXlafcECeSqLoX_aUiDRJmHMYWNP7wNlY1quSNPM38kznE7uHyMpbHekKMQ39B_xLSR1GDRb1r3j3DB0d79kv_3vBCHH4inI3U2rBIsLVJ99cEcAUtQYaHLOQo_qNpvOuHRATyDdOUnQj8iraZpm7VRB9wEeMUdkCZHMYrY2sHHq2dCx2zsCbrNCVAZWhnPyDJcolQ_mDKqopNUgkG-RzwrU4Lw95fskVdZvcpLxg2JjvG1jjn0LSzGymfh60zXtFau7u-98PpAbheCr4d3bOOOWr9zCvPQBhvToShN8LfJlkTY0HYKjsKQ0lBn6Mfs7bhTets50h2MbsGeVcabY24YOGkxtG4uwGAa5ucLuHGzkkNdAsBc0PtEQ1EMKX3qcYboG2KF4RrcAwn2ZBpQihYwq0OdiHVdAX05YbY8twd6snTrTUvFb8riSdaH3UWWzp8fsgh0Q2glZq8PkF5l0vOnqiMpiqUe9ae_iiEEsF_2-HzoCDDfiXT-Cw8IazWIcelnD63Ry2RWh5Z4Q-FkT0CRoGzXTdluJ5RLGzg9hOHTOLEy_jcGr9Erm6Sm6Ed4YmeodTPRqHCuMY3WSPpUuzCQudWMnRt0DIOpInr5cvgQFxRpNzotmnCS4kkKSDtmFlJZmJbMaBhB3SZ5jqudqzHxjdhUt6a95TMrAx4YUmUoTfQftvNIUf5FQB5EDu_tZZbEOuMNs3mlPmpOsWnOjHwHtogNKLO1O7e_gmA64h9BQantwhDGmdScOkEWwoht13i5jdldH3X0VTekrOAzwmkiVoBv85bVENMw9i2ev1hzAVhD5mYkYyoPAyTBvZ03eMZQH-avTYuospk5tROB7Z9fA3rUAK9OppcSvTwGtXjr8KLLftBvxIdYfRmEa3eVoYtoqWFKcU7nD_Vnj4RkxFdELDKJ0r0o9w-X26uEKBDqITE3CQTP9DP-psCstnA84Pce-BkcYhokEYUCu7HWxPbzpxLo3tzEppjwapEXaIXYgd8b-8-F2G7sVrEWJ6cmPmUPVk2xrZl9b2to6VSWN6hEu1uEGPwBfQEwsEcnz0WAnLjGrfEh_Yl8opiF_6W4mc3mCrPX2GQBJE_UbFjzSB6B2_X2CU8dYsvx55zJRsZS2cOaq39FVId18nBwrGdcFYoqkZiWvV2vbFGfcINrhiuRW0VbHOnpYR9y6QEJpodzZAXhht_WTKLFySEiaAH2ptluzA3W5g8zcyqIvIjVg_SBa8RMHpQI_ObTH8DTtlNn7OL4doBHocNnMjPyWSUQNBXUzn0fbITE-9XEY9OdLtEVSqdcJCNZDByfsr7M5zceNuGk0PKUxBW1cZ_2Tbm7_JkgFAc51pf6OjtXu_SkiFRJwQHWv4Bmj9OjeKY81gSa24KHCrnrGihMNaHOPJvOVehi2HZiHRxHoB0u-PLKpDQJNe_u3Zwcb8gzXpuRQdPnPmFCUtNKCdH_Tqs-FwCvm4EeRYUixs7g4Wtn4xMQW6sUxQ5UyIOSCdyugCMBZ6hXPdIzVHhfdwp8mxNl2Ry2eoyRXh7jQ-z_wGQyl5PolFz5A6G9dq2qXAIFfI6E3UVymTXy0xFrRo7rC5cYvnt6BjCpvwKH3nlwUlVZnKewPZ5eQDUP0qQlUpWlGe69X1ceFAaaNT5Fxi5i3IvFb1dLh8qYAn8gbbFmIT5ZS59d0-hpyPpkDuiScKfmkKjD7GvC0MTfjN3m2T8EnC1t1-0AhduXLiJdG65HdEeKAkhwwD5FGq_-HC0da9rmdhYO2Gr0C2ucP9CTn0nC6hiyMF9EfW_vNA4P9GiZ7u46ZwlqGIS622QBtr_iF6OVF1U0nBP4LsBWRxyqOGWNAHCEw3sqvlvlACpzI4gVjVHDzXPU2NLF8Z5DRG_8E-i48SYjyQAgP8XLqS_0BTFjTG846hFssdrO0kigYP-mDvrZqyEr-dNbMD7wFgf8ukMgwS2BT22V7TGtbHdS8VwR1cz1O12ncPHAxEtAU55IVrBtFirlTbpZlbTUmgOTwEO5HbiSlkBZxl0YLDCmF_sPeLKKA1ChGVthEHOSHGXDSvcWbdk3JV4LM47Mn7zywfqSsHjeUvuhMO6Tz6m_hJW9qqxNzCLNtCb9CFUUg3hXqlNRmdTHCx0l32jckGTJbUn75Yytygsdj0BGUUUWLfvsXe-LyQL0Gd7pSLXeiihMTguJCKRMxHJmIjaMK0oWK0vhz7Jl4TcFQQP0ijgR4cqnlsDHgEb6J_BDzvNQ8yXFSqk464EGor8vdRfrRVZYWiz8sYsrlB3l289oMOuvPTtnKlzXq99GqpU8kNpWJfe24a6hfNi2UwFdlsvyLkvfb8BwLq5AOQ6exXZJ1fyLMADA&cid=CAASFeRoCzFgJlpzlJ8VhCuNRAFqb3zhpg&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 11 Nov 2022 17:49:41 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 31C9 24 KB
9 KB 3122ms
3122ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV5ov7abRbc_INaa8Cy2nnVNcb5VFBxo13TTxPG2j_HwAcGjIw&d=CnkAoCZ_4NQ1b5mTBhLWuuWkloXSk2D8JJMJVNNiitxehgCwuFXYuiQJspQSL3G3IdcMrDXToF2nkR4YpNHm929Jej-ewFmZVKEa6V8FIsv_skCdmTh1Q376GFN4bzs8T1PtOo5VYb0iVYVND--kIqeLRTANjPP9kqBEEskRAKAmf-DOVXw9HYqLhJEqVw5l_3_RDz3j3MJ-ONfMMCoWhkGJ3h9CvDG6mZbBF7neSaVhmGqYY6eor8O7oXwuKBeEnByj_jqZM_OYJtOrZZ77uBwv-XNyqVXmrVLjIa-FMKTWhrSyfikmRXX5Tm8Bet_VtVo2zbkmeOTDGBrv7pWURky8-B0_xf_n9ieh0clgiGemQFIzrM0dWCkozzIj-SK7AAz7nGdWEDVhxOV6xs-cnCmzqbws-Lnaebu14IMVj2F6KbFN4woMsBChkFnt_QLaYwwX6CbtwAf3D04UkuSkz7rP3rWpoSPPLVUcBdLs-OEh_suVRaJYDdE6X-xt-Oquvud5VawPx2CzupfF6jxTBm1vpP0UkfSy58X3E4TMrQr5-6ESD2lgZq7Csm50kFrtr_6C2LFs5tcLOX1JUWuR-A1dBcp83oitFf6BqvDW-BQTUIGdtoOtCHKxIQvCcKT_V4IPICH3K2x3w8oomnyd5a6h4nEJB7017Zsar-OdKyqJNru2qOqxqgBh6hosjlGf60j-ty1da5zgQSwLQyWrHLpQ4gaFjtRwrqQOdRoACAmpzEVLAhimqVHf9Dx_cTSt80K2LL262zC0b3xLcXCcd5Fkq7jaRK4NC0xgVxR6ulF1hcQM8EBRiD9RufarOJfkjy2AyfSZi3EFC1zdH2-W1Vf7ME_wMeyDPDXp766DBXUJMv_QuOrhnN71FyW2OcBR2pLhTWxOqvN56ejhw4V7DeLRiTx_Rq8ub6ViQ865-s_BwQzMpBXky9YotymCCXhzygx9AXbq8jK_YE7ahtzqeTnCM3XJP0YRDp1lzEmJvz8mgjl4lS-GVWec9gVTiKFjKj5v0IX_obze2ynn_SJHcXaDdtebkKVPsgaH46tMnLQpmCGlmuY8ecWg9mmVKQsJZGiFQ79B83pBY836IOwlYZzh9tbT4OSArU9GuCTZImJqdmnzRBsdp9VjEy5MMl6JyE6y-3N-i8dFMWDGfc6cM-2N26V1F4xPlerSNFJC40kCZbk4OEv1-E9hzhZavtQQ-PFmD7fKadQNlM47vlnbU3fGKxBoJbdl8eJgjTUX9h3eL9Dp4jsB9MZwCHU_N-3cgss6u844UeD36LhbdlY8fz7NEfOrn1G1vEIAgbMb9ROXOOnrRJlqO__l0ukzUTaYEhekKGPE3E3gHImGBAynQ0LPYoBeP4MgdwBigWuK-wMdeD9XpMVQUubsw8OolVDHolf69ftlHQObyMadugn2oi4FRkEGo4J7esnhFeDS4hjlkGI11jl0sZ6UK-4a1IyQFWR1mx3PDIH1yuORrMdw-30w-aBlWtJT4udDPZBxfBPZsY91sxL2fSbzy7Q77djslnAtn88RsxIfF65RO2f8W49zZYY0CV3TiC2-6WImNIifjhJP6z4erFlV9u1dPgfwL8AMnvUwprd-2WhtQeVatYqM9kScgFb5wn4VuQZEBS-fhSsDMqR0ZI_vGfhkZMIVGVA-b2S2Yfh5aSz4nLMJAXV7TQwFRHUODRp8TwmsJHYGXNhQ6n-U6Xx9suZLypmpdlPRVRzSggDE8C8J6ILZ0Ska2hf7Qx2TWqv7sxqsxrwumNCZZcB1uyQy8RvvN06VxX44epmNFZ11s6KTCGdWQuzJEgG9xHcKtJMrTcDJ5xL3RukqHwDPuXrJ17GjXmZyCsHkUm739hxif-I3nJD22u118U7-UB9hmTxJsId1sT4KS5lLY_SkRtuBiJ8KZnHIe9yZ7GdMDP5Y1kqdyYnSzZFf03BFUKIfCYxSs7g0sdnrYUGMTAIAQ3MIGELEpVPbXY0apgVt-eauQiEVR67N4VWSrbtxwYPBS7xet-6Evq_-kOhxlEObU-fmsF2fWvik3WudjNdVtWimz3OHvR5NUO2O1X9ujpGfAU7VHz4EStfvyLZ3LsA1ugTJG4qXZXoMr9wSFrGEZQg6fhgbzqk1wHAzTiAF6nIfTODMkY3X99R8BADa2grRZUly-6vHiBZohPEzjvhysM-5wC4SbvP9pfipIAytFll8PCUBdwBuJs0DWmPwALiYB0QDvzSl-R3ox2DnpqCLmKDNIzpAd2eGVxPARURTxGBkKlqHJH5skqG8Sji6u1VMIeEFA9UOJe_Sngge4D53vXoKa_tQlhbvhirWjsQNk1U1GUVzqcCyfth-3gyK0hnXewmhEeR-UIT1sRpo4dYG17wxYeAO8KV5amYGsTFi42f-Sl28Hnq87Kn4QZTp2QPJ4tzEhHJ6vdwrncbCgr2Dz0nKC_JRyRdqskBnAWq48jPgle0x7osOPPU9qM5q3mqfa32SC9RAW7SJ89d6okHztxmy9x3lAz0zFgPVyjzmTPCDA7wp5dwNjsED802VPVrZyej_LciqOr3QrlmQrrPCpMN42D1arT91iLfNSD_3tDY8kUx3yKNbxhR8OhO998h7UFJpPDes_E-4m44g_6V0CFtIm1xendjYgLP-tQbFB9Cht87JSZEi9Jhc7bCxKVskXDqvikSSyFki6PW1oQfL9qqNJJL-MgJHZiuZ8g6i9PvoVsZTx4RpK43wTSpLMpSTMsKJxuO2eDKlWtb2EFVRFaamlp61mucFZCgA85YCBN8kHl8c65a5joonm7MIqoB9ggs-0QZ0TqdkEwI1SUvB4Zv5KHidKzb5QlrZwg0OIE2lEI6fgMV97kXPcIEvYMTDCKABUrjHjQ3qlTPn9zUPX3UtpuDmdFDeQX2f8DijhsYgU-S2f7eLoZKDwDfB7PM2J2bMNrAZCMSfeoKoD1ZRUxk-P5MibBmBgrUWZup6xnp5Mdo6HoiZUDYl9t9C0CQ9cw70Onxy8Ec14kGaA-zw7UfcF01xkmiJE47ltRjho8xbPxDgU2AHa-n7SlHwk-QpbJ52dzdi8TLaKimbdViLjnxXyBrY6tf4iOPo-cDlXmXNVbyyUXhyzQQqbKPV20aUJAR7NNNVpwRI8wwQLOv2usosBJN4g6klOUwbtKQmkCIaGQgAEhXkaAsxYCZac5SfFYQrjUQBam984aZgAQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:31:45 GMT

GET omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 31C9 0
0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 31C9 0
23 B 71ms
70ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssEhPKh5-z4wDD3f2TD_k2NCfJPrPZmTXpw_xEVOwjgFvBaWkBG23YRMyaeb3xl-r6cfsYubujXzHvkEWpTX1uarXA7o59bsyGMGVxXoRPRG7YYFbBZIsQnZC5IzRtSi92PjMisLE1O&sai=AMfl-YTquDr-y9OmzWYG-fywE8_f6NlABaps019OpwK08CKPXs3S_K8VJwhZiMh1SZFOWN146QuiqVPoC9l9btEqvNqT_nPdV8WRWtJZccA&sig=Cg0ArKJSzOzwoeHR9ndNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211109.17999&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 620000111_Q421_AI_zerodefectsV1_static_728x90_NVIDIA_x_DE-DE.jpg
s0.2mdn.net/10774078/ Frame 31C9 16 KB
16 KB 341ms
39ms Image
image/jpeg 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/620000111_Q421_AI_zerodefectsV1_static_728x90_NVIDIA_x_DE-DE.jpg

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

4567790f4ceb26b4117080d2404a5946d8ea1584e07e87a3e8333337a92705cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:00:54 GMT
x-content-type-options: nosniff
age: 70720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16449
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 16:11:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 10:00:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame F82A 24 KB
9 KB 3025ms
3025ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-TkTtg77tbuAA2ep09FKLr9D7F6ZT0lXwciMev5XiSHg98s6WktRjf18OHGC_SLCdk0GgjcpL0r00piBcFjtsP9icjh4RTHHUxZocDYltM6BVGGtcvVDhEOgQG8R9aqLzo9LpNKxsSNYc3oNHgXe-XCiDyQ&cry=1&dbm_d=AKAmf-AzGxoAn1eCfSQQ8dNUeUvq4H8yWpJwX0JpWnWq3xJGygEaVkYLdC5mJnnRh1ZgHUs-c-QKbuH3rJ24KVXtCwD74q58TGt_NnT42MVJWpJxP3LmOSBF2hx6DPXlSsmDrPI-cvYTctlSl7QfHGaq9KAojWUAUUu_HfSe6IuMmybm-Rk7WqTpY_1EOQAJQv1XLQwQTAIcZksOU-AAwpWLOwqQc7hDmODzI78cry3c0Qg8B_B4HY0909lqWS_pbiS1joeSxLdwIOgEQAfm0MIEU9gUVSUiwLzfzH1_ehVzu1S8KLW_kRRCFVjvf_5MXltZW4sCOjqWD56V8diwQwNZKIZeyF9gecd7u1vns_SxdRIl_yI_0Im19ibIeP4YkoavHqMFg_Ok0W1pkDjXEkTkTLDLYojndPq9yd-JXyTGWWdn7gMzBBqdOYEGiKoxBwRrBCqLI5jCP0-hc_NvEuWhx7wgjRVkbmYjFeW1b1jdABO5nlmYT0vMaskZQQhAVdhJR57HNXhoeb1JKUH6cIAfF1t6B6N3JDTpXdruNKxBG7lx_5aY7TuiqH3JTRC4gtOk8Dcga8aCupgpJMpP8nU67LRAW_Ddmc2TOl8lRfwUmB47-xlyf2ykQjsVaVLFljc8OFpQ-u2c48wdUHlyfIj6KvImXpiE8sWi85x7l37PV_fngxzPaF0eMM8vy7Y_tYvAGIkU31lc4c4ZOg77oigW75Zx5SZHYl6-2xy_qVebdly3FXwzr6gSqmEqqF9c-eNUI-jnfgsUNmHr-Hx9qiR7JxjiG49JUzUEF3ZTatqGUb8r1HChooH8mcxoTcFDe_Z4AMCqYsFXYtHFPYN83TDbVbJY-wRI8W5QSyYgl373Yd_uiKDQeP6dB6IcUrla_iXVLbfYl6B66Zsnt81fOeoZV6tw_fOeaQghDf1AG5fWE-e-YAXSXUFxWZV_55loxQiLFFJlH11YqGMjzDw7X33_5btobUki_7hlkLvlPASg4Z94rXwx41N2RTP14cUuKT4vigKhOzZ7HMfjwXFIu52VZitwrVkGrZgToY9wbl5OcyWIS7S9C1ci52aR8NYhAMuY431vZx8J8TueWIwBVpZNNE8Ju9pbpuv5EHr1mnCF5NHw-3MexDxAE2y3B_qCz7liOOqNzoAr-m5ZUmu4ZMIvTxRmss-4fiQbyFpsR3Gvu0hw2nvinbYLThuUbxM59pDw7Q7J30A83vmpzETsJO9vt7A8Lvj-qBBrzuAenrfkxSNtyb4PrCoYPz_CK5UaX_aMjScVdY1IY-B1bQPbZcdokFBPjCDr-sxHeajWUbqAEae-gt4WlLPApYO4hWWGLavYBIab-BnEK1YFFH0Ba45sBPRtfKTi6STiBQOpljk-KoXkFbkO2Q8Z1h4UNVa7YD1nwV9KNy-LI165MPPsF0KdMlwOSmcD2SokCrx0n4LudfBLu8jJ8rMk4ytL9MJ6tiX00DPcDD_hzdn4wYN1mLCyCU5dJzGc7GXVLhYWiysdw6DoHUmw6dqVJpzjWIH7KWN_vv-8bIr410T1vf6wgOGhUeGeGjy4_Oayxbd_lHo4WXBK4YDKQ7CR_V42XUlMAO34k6ub1dJQNWYbF5Z8zcXDlRlJO8K8a9ZUVCcxsOlDDTimOxgMEt4J1lqgg7CNsDUxcwmAt-5w82LLMOibRjhS9x9a5bjNRzZyge7OJ8aOPlz6a0pV6WXYE73pNTaAORIqS_Yb71-qYMRnb7IY87N75SiIhJag6ueU7ExaYjsJBNnaIKHJhsRH54vXZauaHmIsqDomOyy4PLeqQ-Cy5tpbt9Aae_yD_w812PBPDjd0jdS0NJ2kxqfdsMku3MdW4IJtjUgq_TCB-jbwGj7URQ7jtctwoKDCv0PJZ4x6J0U9UpiuMm18gMz8sPpXRFfsEax069H20D-gW66Sn5PnJ4X9oKLiK5YJ9Vl45_KfLgl1vJwctmPdTHhNvpZZqQh_4IVJCQfxLEA6rstiG75Ipwx5zp3rR0QUIcR99Ww7XyNT3IWXmZ2CYdpZLRjZTd6WrCniMZ0GAtGFsZRznqA6uXrlRo4DoAKqf75HnLZOL3M0EX3UFS1bY9JMOjuE7XvacOiy3lVw7TMvwspKZL04N1guLsv6PbSmv3ZHwTtNA3Byl5E3HWpnwRSqeeMFFn9n8JxrbJWJ_zR9NTQ9eSKTqKaW4DzKlQVeYvrfugvbttOeySao9bLEdvb4DyzEALF-CwstDcQocuhWvHJ31wSMXfNBtBMpwBx1s7aQxXU9DlN3nCIffb5gS_OStmZ556RB9dKdeNkw3JLkC9K7dTZco_dhfL44Id1W6UlMDplsT2IH2Bh_-kmjmVy1VUeDEr-awY4-KWmz8CdBZ_NrRlewl0-U7lCvjvvcChitewUdutBAp8ModjJCK2UszaT9dwACj2FcHDNmYNL1kSrQnqh37PY80C3oZO6G2r8Ij9v-ht5pO-1rgmBXK1MxiO0TLu70ErCZSxvAuA75VPbl1kd0NYoV1-xh7EZfbAbHc1TVBS9AtECavW4EYuvQGKVINTBEQZSwOtyfLV2idsPbGweuvB0RJHQ73WwDitLQqzFStdrVJCqMPMi44dJkTdFdLjVMIwja_rbbEimVyBegLSayqZy6XcTgv-leCBYp-kOv_Tc5ySfHVjcj4ZYrWpl7SJcAuObfN_mV2pVnX20D8_H5kqR35n5abHcrj_B226VUT6c40p53e6DKIL-NC61FqF2mzRn89AWr0a1fBi0PrSy9dR2Gojmp125kMIvJYnlkHBvXVTwFgua6M9zNt6vwFMo4manpqvRG6X9P9-C0qvRuroSmRdwyoDV0d0sUW6alpkmHlRKU7_T7qDuE2ku4WyvfmQl4zsWBBGjNSWYDPoUlnZgVKjMAnRvLZf3O500M0HyRYCahOEL-bW_o0Svw8vgT06osejZTaePykw77Bt4x18Lt2e4gEoz_SLAwTsi4844K47QUmHEJK6-SNYLQPNh_gNyZuO6ZNcgTzDphVI1fg-CiYscS0mMvsaEMeCRgxQv-zKdxdw7vVFD38qqS0u9BGKDfW6m-aqCbVT9IRB5K3b46gYagUQlCI7y_pgLdxGZwBDR3qBA1wlmD5DYUfSp7f0HitfJFkIP6u-S6OHY_tXe66EEAawNjn6BCyzllWgGKrVbLFLQoAG82uNLUxoacCNpjE5e7kJ5W7QJLr0yaTtDb6SVe0egTKuatf5rAiQlnm3aPCNr8dGkVaXWoLipjQ8KztEfiR-s39zsruhZeXQfLDI4tqgGO-Q&cid=CAASFeRo-bdjLLePnCdkQQG_hZvb2k6aYw&rfl=2%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:31:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F82A 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 11 Nov 2022 17:49:41 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 9FDB 106 KB
37 KB 340ms
39ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Origin: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 16:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 16:55:51 GMT

GET omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 9FDB 0
0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 9FDB 24 KB
9 KB 3481ms
3481ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4oaqrQSd2Ai3yzbEPEvwzTRnddw7mH2nNB6Q29P0_g0K2JTTelGOKFDAKCrfR03mJrJ02Svb1fk5uCdOz9JJ4rXOyZCSEnhXAJe_C1Bhu-G8J-gTnNUwf4Hu05ECjNLdVCTcBR9J_hF7pdwTS3-Z4Rl_8Tw&dbm_d=AKAmf-CL6jSZULj8rapi_2TX6qL_km2CMUzyU9WeVwdE6r6eI6jr7HH6IiaHfMAbojFWufPvXjEf3DW3uf9fh4u_vXoIbmnXW7yw7RsAa0JUzYMaSd3qh8zUyEaXGijzPEZDjYa5IKdmIyX6qFy9VfeMivBCxdviGhsk4kT4D8lCMZq14ZHpsLAFdmXcl3oRlFPkpkIbRFwrrbXt5Xwe88d2rCQfxB5H9RDNSw4TL-L2deUMfXRexosN7jUiOBHCt9Mmz6HIRVE2rZUYDW8rnQY0q02DauMpUzRU1iEsm8g30-sMsAvYKoEoZ-LwhbqS_Afg3TgRFn84C4kDHMjvOBF1Yc7ldz7sBJGBB7xbEqpciW5h1sW4L3FWedM2VexEvgJ37i8zBfsXPuAdSguYW1kvdqAAEHRmlapA0Lc25oL8WaPrHjD_T2pJz61hpqqj1vFwsZ9eQNuwZoZW2qNfvWBSDq-DD4wVbHeSZjBWYRJTbVFTwFAZoyN66Kaerm-qDNUqyIF--rqZCl9TapmRkno8CZW_ThbJ8sLYGwaDZL70j31Z1ltpbWPB4aOAeo4OQcuV5qphc2Aqu-4hbd7MGLCQioRR2tAm7qCSCv2jef60Xnk7md5pniFsqgIexK49Dtzreyy_gne8UcfHkpuUX8IwLb5JOfTAJ4mjzgsvL7ePKN9LxA02eXRfWSsQPzcPV9m9y5eL0A1YgIa8RIS9FNcM_D1yZ2zGsa6nBeSUlkVfr3qyqyOQhBQfw8Gbho74bKtwlLb_lOds2xORcPUkqyrbsNNY-lGaOC4_GkULrE08JU3K3dBY_N5FwezQwp4wmXHPUsfG4nmFrLt6pXb7xtr_gglgnAYr78zttQTz_HWTntC1bziHwV68sj_Q97vuUxoWENTovhRI9zWqWxnO4aXdXw8-XOq1JRg8t5TYyAeAwHKMoZShoxsNhypa0KhjgIeCCVzZjuZ-6VltbFkho143oNzCvEMeNRXpBGzHreG5v2dwvssG99HBqwM2d1r-8qCBeqLgMqOdF1mknwIntP2a01cxef_7s2ZTppA7kQJZXiuoVK0UzxWW_bWos7FJ0kFyZYAmPvKRDAg1lbax_a8oMhzzmOXEJV3jiMUA9taSLvtMs2cjRhLA5wi58cdRqZCVAiMmydCNsgsinbNXF3pYpjmz7UjXxi-0uy2WR7-1bMTlAWBLbpCOISjncgl8f6WXvraCQXt7cgoKbH478mtVRGimVV5YUqrpTUe3kXIhbLsMzI8yXo5STHRWFafRgIF7OAMoYl9UIQKpWXvfFC1NhhdWRB_hADjGPHNOeHAg2CX-eBufg0DiXruG2t8VIKYe4xBBOtXym_gJhm1PNFLbd-kY0m7xFEMtTv5KiTtvwR6vywL5mSQkzY0MbyGDssHsp-nM7RznCEnKB0OEfMYYllIu3DXA5WWkMV4WIRdWx-RcTGvWCsMD9-87UJ-B4fqBz5LrRhsrW5mAy8rzoQCp4YTnzTkFiEdUKZ-W_JODUgBsrcJvAk-bxxpliqCkYrSF1iFfzZ3v5sXoF6biVOD1NFcL2ZFgoocbz0quQ5hN2fpP6OASYuiEvcVlIo0Y3sy_MvpdXy3-6QahVGAxaoEidp2VKx88vWu1XgYL3IHMbU_iCvVKJYJU8GAq7jlr1IUWtYIULj9wSa3SBAK3hx4lmJxNEPoE-ZgS1lVKNwcPbe3Me116go42L4TIAvdDgSmUNCO0WkIsgrUmxk4bA3zXyYORLiCzp0ecx3vPYA7mdYFlj6fZTeoeh7kaYsSbdyIxBvGi31sXCquJStm2oB4nArniwBT4czFqvh7fd4FKYKI7JfV3rFEe4YUmWzwgOdkJWvtjWyIQDXhh1xZ62msMFe5r_c0aXurAw2DS85161UBeoHbxLhoc6aKt_J1ztOgFTEVjyA9hi-Z6IRY-ALw1XDjc9gpdiHML6Ulel8527veBqORSA4x-FWkecCjUzWw3P9sA7mKs96wkYFfMOaFq1K4qCt5-rZZA-CyfhBkfa4aijRbqr1X3HxoE8zaPQ9QPz-QxzNk-sq7O050wsd2CDU58bxEqfPrEnauxs4f9tMg9GUyVuYPzvQ_yrWYZpsP40xl2S_gB7vloNe_WRECzMCeRiSe0n-FZbKGQj_dZjz9gw6p-OG8harrqvlcaiwAXo20CFjxa34_g-EbmZ9_7qgMxtlX4GeIMfqV0l5IzFqV9B-61mH45kMU0mEbeuXC5s9sQUFFr5Myy-MGi2aY_flIdK1aMpSmlQGZV-0TNYR18A4IqrkY1ouM6fGo7Q-J4lOq2MrdThkJF-7KbeCJ0N6PQIF0BJizoI6guBTBCgx34XIMakNxh8tMOKIL-O9x0N5wJUJxaZMsPOJR6NX6YYsODRaZX2VkdtRuXvXE2IGET9otO0QbqqMalRQInOOuHKh0U05OotpaUAyhMK-NV-3gI-OOSXJbwJV-K1AGGf2JXyaQ2rJUdYOMEPARmWFvWGX9yjlLitNtYtOWZvhoLCMOY-vtMqiGhXFSCfMNNNQ9Hk6iksCKxCWvMBbNzYh-cvKJPDg_KdI_lt82eGDF542qhScsHBNSbElmDXwZTsPLAktEdwfv5ycnhzppsHl_2JSVmCKtFMnF51PEsKsRXPS7Ad58UAtw5yaUUR8FNYA2TN8i91uz3rsv8zPKvuPNu6lB26-T1gTP8KHvmaxv3gSI8ObEPc38hEDbQFVTo0F9dXj_1lXoEHKaQRAFORZYwYGKLsv6O_Wmfq-04WRpc6fmwryeMDHe0LmoAfXkOyhFhcle0ixLzdeatDaLyVu9lcuOF2AJkS6V2oier7Ujd52WXGbkxylBzlXz511pNamu3RvdgxJZ7ObJmdhVYGLcfoJgkNQME5RrfsVbf7lA8BVhenG80SGYza1ki-7KzxH21YL3qbS1R3YjFH7oNmSfTH31klIf2w5cSfIdEH1GGGUJIabolncWjgxxscMQ3H2yhgXf06WpHbfNKU0W4VeUH_6K6oEt8ZGObUcp1JSDRuv4z7C-uIJLgK8YlHu5BHXdvZdvTYh9BHeyyu5BM6EAvTTl8Mr_v94bE4azUF5IhKEnf60Iweg&cid=CAASFeRoLrdhKgVEtihBK4jPGjc6VVWFzA&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:31:45 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 803E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDCWwG4kbAt1X0KLvtLHIjg&google_cver=1

43 B
163 B

73ms
17ms

Image
image/gif

185.86.138.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDCWwG4kbAt1X0KLvtLHIjg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi6lL-5ATAB&v=APEucNUPCGbLPs7b_8EoI-5MOmHOEB3wYKhfH2suXi9E3TpgtN2A7JldeGmBF6wIUcoxTnWPPMGMINJYwScj-v3LOCLx-1uuBi6246kCk_OWoYSh8Zi47uyzaUDwuscoWoFF8Kxw3tR23PMWvsrwhLbGZGXLNu2KwqC6n1SIaZ_6KLZ0J7jFowo
Protocol: HTTP/1.1
Server: 185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:34 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDCWwG4kbAt1X0KLvtLHIjg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 803E 43 B
163 B 119ms
17ms Image
image/gif 185.86.138.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi6lL-5ATAB&v=APEucNUPCGbLPs7b_8EoI-5MOmHOEB3wYKhfH2suXi9E3TpgtN2A7JldeGmBF6wIUcoxTnWPPMGMINJYwScj-v3LOCLx-1uuBi6246kCk_OWoYSh8Zi47uyzaUDwuscoWoFF8Kxw3tR23PMWvsrwhLbGZGXLNu2KwqC6n1SIaZ_6KLZ0J7jFowo
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:33 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8E4F 236 KB
63 KB 360ms
59ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 05:39:34 GMT

GET
H2 200 300x600.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/ Frame 8E4F 113 KB
20 KB 338ms
38ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

b710e8b42d2bcca3418f6fd35782686932925e1b7cee791dfc28e8f06b9e85f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 13:34:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 17:10:27 GMT

GET
H2 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 8E4F 116 KB
39 KB 345ms
44ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 21:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 21:19:37 GMT

GET
H2 200 clicktag.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/ Frame 8E4F 3 KB
1 KB 358ms
57ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/clicktag.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

9107398c2fa403ddef0f56b584304564266acf989ab923ca9583209bdf4a8cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 996
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 13:34:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 17:10:27 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 31C9 0
23 B 72ms
71ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/ Frame 4E89 12 KB
3 KB 1852ms
1675ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db364213abc47dbf3e7155a9fec097962d4f454de56e95cea392dbaa8d7b48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3493
date: Thu, 11 Nov 2021 23:00:10 GMT
expires: Fri, 11 Nov 2022 23:00:10 GMT
last-modified: Mon, 01 Nov 2021 12:38:18 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 23965
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9FDB 0
24 B 80ms
80ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssEHDEyzXSIpYGvl0kcCJj1X2iq17yMczoxBqbnbLWzcFaiPRsdC7rFA-i4RAzxcV-0bnZBtOBqSuNB9TfgebQ4r6i99jHNqh6IzoK8zHzgtM6uoyzPlImRj5glQS4hc_FJHOtzb0bX-Ly4Xc2auwXG-mseBYoNjRIqrk4XN-ivrKVgAxB2wELvsttvn_T653c6SLpXwvDTHbG1StvQfM2KLMU2OsCJOO7D9dEc6mWOfwqEmbvF2DBwcKCp4jCfyoGuQiran_kGiW-icj80dk_3NMbDY5IOt_GIR1PfSIUmP9t2pOkqmhepoTTgk9wyaVASRY8mXAMxSaVbHGxS8eoEo08C9bWjeoCpHLsryBi26NDqJiYbHzUqtNmF8aQ0z1fSGKLvR1HLWilT_oICnZ1KYLk0ncUvVVLNlYysHKAlIXtx2xGlafpWRllzX9T1RhLNHA0bEf0CFKSOJu3WV2q50VqBDzZoXG_XmC9izJSYZZG5ntKwGVHJkZXQf_lsyDKTUgtxfB2a7WJEwFH27YeeZWibsJSB0La34WyHuNHSH7zFROtTdGDTjkpvL9T4s8e2wttO6-qOhaO-9tpmZ8iuinSPOipzInInpXY56GfImNtyClrdCJkaRaHX9-e5Rxx6SIQlrhe10sZnOdRpqJR8V4yMeRQDKBNwy92EZ1YouexMhBhSGZgWAr6_ymgyJ2_zglXeFRMPCR1CKrxlIC4-5oLf9bniJI3yCHxgWNvNfKWME_d8_2rOjS2ox-1ksyQKPaHKO8cuukX3TlQIvgjDvTi7fqvJthtpOiz0GxjC-DQcchm_gl0yJ4mSjUHXN31jwFCPmT1aLLr7X6HwJ-Ar9sxlw_lrVyywiOGeF4MVzJX7aySIJcc06Y9K-F4suEHpx60YsKKolmSTDmpfSCzJSS6fW9MqW2t_YpaL9Uh_Ro_-PLNbzZESKddlt-IIlGdAWlS0G3lrmQidE8hQqA6vDQIz715cOUiNrA6OrI4MmFCY0thfFtCT0Hyzm8jpDpddSuaTWp4J8-99hcYx8HBKngTAqwHVFDqP5z7BYhtMRPiw-D6OevJB0f7Im0Pj7yz2gBj9H3OUtmCfNMfWIuBXwu3a3cAnIh7z68e6Cp7gUmtWChPuvLjoRmB5FCc8ZA8e1BsfRu0Gra-Y6T4YdfckvtjkZS8vhsOIVh_ushI&sai=AMfl-YTYcIU87YMkQixi6g_6yLXaSEd9NDv3lmsUIejAMIzfn7uDPQVX1qZkLIALv192gnBVf8U4eNZxncYAuKj8j_HTHNck697G3KsmuGkgg-A-Z3YVuErCwXlWNksi_VJDS3OEcjz9-Yk4BQZhbq9dQLw7O83M93QIAsKAZEA&sig=Cg0ArKJSzKIFvmzdyKtwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=368&cbvp=1&cstd=365&cisv=r20211109.49745&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 12 Nov 2021 05:39:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 658A 7 KB
3 KB 8ms
8ms Script
text/javascript 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=300&h=250&c=digitas01cont2&js=pmw1&base=te-clr1-12a5f8f1-0941-408c-a41c-b6483b66ed6a
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 535a4133016d221aca502ded2959ba988b27a108169393981848bcf03b028f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 05:43:11 GMT
content-encoding: gzip
server: nginx
age: 86183
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
content-length: 2470
x-amz-cf-id: HLdrxoTuuTA0Mu7x3yYo3FWoslsmJwqN3PfBXT_c1gAVmEAB8Hgc8g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 658A 38 KB
11 KB 9ms
8ms Script
text/javascript 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=300&h=250&c=digitas01cont2&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 19:01:13 GMT
content-encoding: gzip
server: nginx
age: 38301
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: BYFiaCZ8ca7gjoIDeioRm9jYd0WMtX0VxmnHG9Sgzto9NQqFzYNEOw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 658A 43 B
382 B 1168ms
1168ms Image
image/gif 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=300&h=250&c=c89a
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:35 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: gxYYf_86vrB7lESEo-6Zk18PYQo1kc70ccZTey7_REKE2z172ue45w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame C55E 0
0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 17E9 22 KB
8 KB 264ms
263ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 11 Nov 2021 17:50:26 GMT
expires: Fri, 11 Nov 2022 17:50:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1CCE 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 11 Nov 2021 17:50:26 GMT
expires: Fri, 11 Nov 2022 17:50:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7E88 22 KB
8 KB 2265ms
2265ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 11 Nov 2021 17:50:26 GMT
expires: Fri, 11 Nov 2022 17:50:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F5EE 0
16 B 528ms
527ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNV032XrUeoyLQsV1ZoWuyviqGDsUkJY87fgUwjjbeacE85CVUT4OzmVjVoXUk_3XAOzE0MjsKlAVccsJ5TIsXnGg1vaTYmeu8oA9SnOnmEQmFfYN4kiDwMhoIvUilUPcO20siDxjjV7viHLGL8QxU0mQT6rdeSH5dZADuSqHUltw9Mzug0

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Nov 2021 05:39:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C141 73 KB
30 KB 3478ms
78ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bs6k0epEa0VsouHcX6AslUVwlGEK1VoGHZahCOH8j6SNxj_giFPeuXccQF0jA95eo-Vlt9gt-xLZmKektdnwpuSoVRDFJ7AOpTXHcYr87K_CeAs4fpjTFWDx0bZSbWGTxMjoJzXSb2Pw0QgDbhNrEs4_7vMg&dbm_d=AKAmf-DmBh2Cl4qwTebC-vDil1H7tm-BvlY8t_Id58mc1IIfuAVRLT6s3yKSlc5cMZoztU8Mg2HKPnzXtL7dImRZKv2VzHn2bc4BwiYIPiXYtUt1L3leW6Od3o9AzWWvnq60NY0dWGcPsvh8V_x4wWBSmPyyA2m9MlTs5K89Hb8_HPRYGE_gj3pujJp-aIATe4K36H4Ok7b3yhOl6N58kMc9kYI-znDtlzlV3n0mzT1o4xtKWKV3eJaKusP_iAhFloSmASL9i_oNyDIuzpYwXB9JUIlObltakYMW7_dVrnh3tI5I466_wFB4vBQk0crlx4UbT5jbNb_Wks0QP8hW5PoAS-xAM4G0LfDBH_azemqbEK2vWUA477RyR_jsvnsloWSjVYRTIAg9ygaFt2v6X6ncymEmguxir7E4FcFT6SfotPzj6Ii6j7SG19msp5aEp-otwQXHrhanVqNDlRBMCEurVB6Q20HCzCCDI4hBJW6rn1Yc-pUnx4hY_vCVxpHhBe6N12N2EvQXM8fCUSpI40lTdYpP024L7uT_McsB8fF-zcku9x_wC1e1Cw0jKIwkoM64tSDQeDQgqLI0Od7wYWr9klf1jyKJM_hyi5qd9eufONYqkcF7mAUdJm9GAy3jft3CfrOSRUKs3cSsrB6Hc5mdX8hH0G1Y9RMBD7NKyuZQ3VFEoj70UEOCNuasgblF8LGrv7c1G0yX-xFBaPr2XnkUs8K--PMpJoqLC1omL7Jazcwe4PzZsjBNSjzLoWVb7qP75cjrRRjyi3VTLt8UuD-SLF5uxao288jOiydR7ApisK-mJX8267hCcxpS5ydGyMvKwVV0A3ynRaSU6rTAEHy2UxWo3cEiY5011xaRcGrM-ebsKQnC6OJOguphtclIdbQSeJVWjsWOZsoWQWUh-VnLq1GaT4Em6Tq9MzakGM7KB5vMH7Q7uMfGROxDAOUOZ-s1XD42wsXWyVi_Uz5nt7MXSp6HBXwjH-GQj7TFaDSZ4-gK3FLutPapfVCuTs7e1yTKw3eud5yPuBr475BHyK9H3lW0Fh600UtGj7SX_7B7kWttojqP_zgDOrvwJrBjesZerypY7eRJvQpJEnz_BXetSOMkYRM02gYjUJvyPBtPOv9wZvBBfUR0CXw3a5lSCGElw4Q_POQdRTTkJO_OF5BK-1M4frDbASvCuutD9Wf0sX1KP5RgspLk9jUv6IPdawHBNd2ctcKtPtMBCQHO554Tyug3Ekla9lV7RLeApqhxOhOi8yScm_Bwkv2Sknr9su0T_srgoU3TuQwlZEAmA_Cp1JmGf1hn0rsYXciyY6ZFsgLYIe0BpbRizR4O1_1Bj7hf4aTNzTpgQkaM_zr3tgeqfdLXe7kYfesfs4UQq_5ZZGLvFGT3ljQOeWDQPbezH79VM_A1T1lLZMzpG3G0_UD6hVySdewc9aAFhNotePg8cvw37km7R4iNOJvZcKxVD02a4mL7BBGbVQDLHnpYr_hB5-49HMVWzwsaNQpRbi29OJheEQvjBBAy2qgrjmu-zUUxt7vIgXk152z4k4Ibaplg6sb9n3Qh4rk1akVFg8xVjWgrqCewhk7I2wFar-Cn1NcOwpooMLpKOtZw7E-Jp7OKq2Qrnu152fRcfqhw4ATp2DvuKl7m_QYy1eqPmwq7dKP7M2W5FrnOQmzAAzUbrgBTG-DxT4nKWRVKOubOz-pOmqxuMiS7baXcMmGZFrXVZj0rOMBq9zrZNZCPbEt17Jx9sD9DkiAOV5pmK7cbjxYynmhhQqxB0O8-CIYPKx4s6lTQP-aqZYDsUNlHbEzQNGNk82w51t4BxxSBWeU9OUAAzTFGRdi8zJUivPe_KLfC94AEsprn1mPojIUb8y_VMqkOSilDbAobev3XQb_YW5p5InWpQ_hNLm0qgnZssu3PKBAkcVbWd2oqsgGEjmwLkijITOmP88TqmyygIAaoI_Xr285-Goo3n1bKX8VTzl6GtNfTkgEFQc8DdO7k-IuC6CTE5SEUyKXkc-xrVqvuW1UwUUVou7SjQ8Eiodfpb3y6QH4IrY2O6I5iHBLr_gbfidqqM5Ko9THk8bwHXIzDB9aQEdA91mE_8Ry2Gulrvr57blF7v5wLVG4BPa2uU7dWQXallaLgUaNP4IoACVS1jMUxx9_akf3gvxJ-QkCMSvoGWYZATE8n4MeBr0Dl5O6YeUsFEGTX984sHGrrwCrJvu5zavpXF-ooMbS4wKh9112nzQ4rFIVk4YeuzuNL7gGuIBVdEL9bJ354nbCba7eSiTHugPO9Do-zL36rBNWzq1rOKOCq-nUvUJ9zYrhY8lvbsrpoebCVOd3hls72D7SZhSQcHWnDqMnhL16OTgE_hzGuEun7YlRPub1EdgtG3LQT4TEmRjCCoafF7hxK0lIVAmbPW1j-pihBP5VdXAh9dMYHHdTs8DymIt8Q9x6d1p1KjERZC45OXTRdPK2zX4yDo3GvfPDoYNOkYjYTdyrD58h64FnTxmSaXQ1P5t0gu1-pBw3az4N20pqu9C5OLmmvJYgOJkR8d1XZu43iR2Yy0IvhyYeR5VxzFY6pjkzm06jWRAXnJhSsQl2yott3FNDUzQyxHH66S5UJmL4OQEpb4VQcHdnniKxZQLZKPCyzDAY-_2jmuw7khA6imU4A10i1BJhQthR3-ESJa_8_Kjc1tA4lo0YNueHQOBmOJlK3qtE59uK0EcW0Qwzzi75KoutMyNYgvWFIX1vVXyyWqD7emAUwbq9qexpdqiFHCvfyZqjREycRmolFYcdsvE22d6q13mccI1EOh6KythBYmTS8inbHRj3YSs_mae4eTHAhz8iR3gYx3Xo-Bf8OpHM4Xo-GGmeBfprZnGpQqCXjAi0kkDxv5VvxJaBbpO22sPTXr9JwiiycWuYoYVw9iSVHQHHWiwaNXH7EqenfIYhJUn8ofavsS6K4A4VaLCE6Uc0SabkMrlRIZEDqQOPJJheZN2rEsKrgiTmDI_vG678n_46oQyKz-3eb69Udu1emN61dIJOoXKbg6uT7CH1ngyrjoYH3f38s27yvMa3cjM1zXFZSqHvDziODFE7J5vj7&cid=CAASFeRoXNuL8e85OESXBixczeitv0dfWA&rfl=1%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5bcd12d7a4d79c54b7eb19ce1d87eaa38a81187a3e0be4265ab20c03d7259993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30765
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame C141 0
0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame C141 2 KB
1 KB 155ms
154ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:46:01 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C141 0
0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame C141 15 KB
6 KB 2188ms
2188ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:20:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C141 0
0 1288ms
1288ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDEpYbxp47462ctLg8aonzAGQepdxVoFZarGxcY6XLnY4Ocy_VFKCDwFaik4gz4cSPNaPbjgG8vtIvb3vnIg4-6w4s8A
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FCEF 0
16 B 853ms
853ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhjDkP-5ATAB&v=APEucNXml2-OAQbsUZlMnBdNKjbIerlEb0jRdDmyO--KiExZHwk4CzatqGevbEaXTGuzjEbFOWnf7OwIQcUwb6fZrlDOgSQlYPlyI9kLQr1OxzGzhlG1RqPURRSYDV9xgI5d4GIsT9p1OzH60ymqu-OWO6ut-GfBIaLnSrKVcTCm8OdRiJ3qSyg

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Nov 2021 05:39:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 69A5 11 KB
0 3353ms
3353ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:34:10 GMT

GET
H3 200 5713719616354332649
s0.2mdn.net/simgad/ Frame 69A5 36 KB
36 KB 1741ms
1674ms Image
image/gif 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5713719616354332649

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13a5bcb192e63d40f3c787ccad6805d32f76c4ae0c4f8656d09426a405b6da38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:35:04 GMT
x-content-type-options: nosniff
age: 68671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36863
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 18:03:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 10:35:04 GMT

GET omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 69A5 0
0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 69A5 0
24 B 79ms
79ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz_RS2avpgHBDqjNpQSUrhtlfW_c_g00G85VTpUgr6xBArLwpbvJ4-KIQdYMT_303SZfKMSOwIkdwLyBaHfX1dK3hYKito0J11lISzill3uC7UbudD9cRk4wjepXjsEYg1SPuMEtByX8HR8UQlYtbSOT9fXSa0BMKgzpkkqFpIT6U38oVtOHk_HttkXwKeBe-lWKU0RlJllNYUe_XrOgm5fNKp1snidN62kNqaXBC41tHOS6WodctPzfxwmmw7hnohfD61A32LmSxDrHB4UnzTMKPg6nmTA7oF_aXRNT-kFUMTikEk-w9PTHbhapnjC-DBm4bY5V7WWREYJdAa1QmxrTwwKqFFIHa5h9C_BDagYGG81XSZyJIQr8FtsD9Pq53kTv3XIKJQSqmVtznj3Vgk_dQfLOXJWj2ZDk8UrxHMHiy3-CqjMUmk-O6dCpNTRMkAb1UNL8F2msGLyHrrFmYtDJG8EoHudKIye8JchQZOGBrY4Hec59cUXB7yMN9TL71nd3LptYpheLj8vdGI-_W7EhZ5msbFbIZ7nFGSy-Te3IvhHSNt_qZnMf5hB2ZVG3-lP45Ldf-qi8AL9N6EowYZepedyzigDEV90jF9E9UsOOp0oxEk55tKW5eqoF4oRERU9t4yV7qGDV_AgCniiwHDDO0TXD6uy97smAKTrPERazif3fI5CoNS8M29s1m7HISe0ajrvTfwvoJ9rIYiNMUzc-ZJt4QVszCqBfWVae3MWa5XEXRKEmMRXihae0gTXBpGBMfjfGbC6VZwP4TGexCKpsGtCP7lZOdtlwBVT86jLmNl06KY8XsoxX_95IN3mQbXtYt85qAh4PvkyA9e7iuRjagWCZ7l2mPfly5T7UMCOSQ9advPtjfXYHzphU_mu-NSvkBFQ69MnAzQ0YjU5dOodDIdM_8NPEwrhs1kC7zgOHJ6554AHl7P70XCtiR20nAuG77h3CRl7vlEr7_CSoAX0E47e_0QPK2GceGDj3ZO5OnpxqbI-BX_vlRlJvqBSDCgKcpQ0ZcQ28_G0Bob7-wQFL1ADqF5tTunro9nYsp5h2zYgsuRbL2olrwdrvZonCRfviQ4bGr5-4wY0ZYcsUw6noowx3YuDFvJuGPdEn3p1enTpvvL36OrGY07gCs0b7yd-3YWfjizNg&sai=AMfl-YRnneb8qj4PdBIIeBaEFpW4jKJMQldUrb4vc26llbpptttYnDKe8y0ihv4rd907UJYhix3MuvNUZulPlmr1MfcAQoIIrglLoySAkmnl8VDfGK8FxIxJL_KFVMdnq86ghfZpq9-hsjPjBbktpl7-hN9zUnJUipBIYvYhodb-jvsovLOGSEQkIVXBS9EM-TdDyftGlcg7zs8CFa-QdAAXHEXWm8g-_luPORzx-nbcskyXrbewWH6Vyt2aQ-ck--DK_xbOffWwrSN6TXIgvG8nLGrc80roExfRnyaIKRf5qftTRXPI0SDAp2FfhBkdB2liLH6_kT6bDImA3B8ZRYA0HSyNZBdfjE8_GYNeYTc7DZZwDzoyvroJA01rzCxwZ5kOWpMdZQFSrLa18f6XAJv1WA&sig=Cg0ArKJSzMGu5jzM-3-rEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20211109.34222&adurl=

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 12 Nov 2021 05:39:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 69A5 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 11 Nov 2022 17:49:41 GMT

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 69A5 0
0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 69A5 2 KB
1 KB 906ms
905ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:46:01 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69A5 0
0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 69A5 15 KB
6 KB 776ms
776ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:20:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 69A5 0
0 1269ms
1268ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSf1eU49fIc8HzI4CYCu6P5V-kwordEGg3NMALz5CRf9vEpbTdr4rPOF46CAxV6Jb0Za78-3ZwaYTx0CCjUFyzRmu2dOA
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0372 0
23 B 73ms
73ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtV05i3puee6lXOre0dfeolspEZwwGv_B8Z3wYGShmWur47SugTTw_eSv9hh3NkF7X4wcHyWpKZRBsjgFUBinS3Yc4tA5PB8XdfeOJDXXnV1lBh_liAHOE6lsXjQNjKCPj7j7iUYBCneXdWKMlMU6CYsg_0txZjWOJVUwSBqSFSwT7xU2WaZZ3oGPbWbQJ6LV5cHXLypoqihBi1t56LbPErgmCVHuP6-0kY0zbxWuMyL8S3ve4OU-RoTIwf-HomOcwyfaNoQSnpO5qKyiF9hqAQzFlYkK84nJVzPF4uIC-W0L3IhbLryYJPUGzCFzpTH6PJCZ8Iz7sCXn4hM-uWH42oiaC4fVfA6w2Qt86GXiux1HygHSsseY-djBT5Utv5HfaoQR0VpZkhKMlnT3VcC3vurfP85Fb4wqVK6wAIBeoaKF50w8aBHE7gisQ-xtAF9mZz8xm0y_dBSxX5Wo9HzTD-Avr9JvZDgj6AolXsE9ktipOKys_LmZztePAgUSjMMek7opUQDSHkfgiCcunSPClmhOJ0lvGlCtaq1CYWDo1Xl7ODxKObN_ZpHqSB8tdjnyEMD3SJCbMcoHdCpuJdc6ApNmDuSp1BU9-MhFoNp3sZiCS1YkTqpv74VAhQvJuUF-Dr9Pq62-zpcyG_pcueACS0ydSng3vkauWdQEvDrOmcGPl-FvKbsHN_RofRaIfdy3nQ-55QBxXJkv_9VzPZI5-OzRQtkFt3u8_YtWOegqCMUtxKDMyuxzOmo-RSWXXqMIvvc38Z4gJ-Wkz_t9qE5ruBxRDv9QJ6REy8sPO6_aOwGjucBBPUu_EELdw4zoIJ4cAjsGQPCMrrVylYa3GgMsWbGniZeht0UWXbUUSMwvax0wUS2qgqJWJMnb3Ljgvcy13A9-zV4P6bvmpsv6_Y6VnwlrrVkW4mNdZfLQWU_18LhFgjg8HHB9kh0AGjwr0cTUgaN4JeKJ_ANIXaFzlCoQ_yn0X9y8MYaM8VIuMZe2sItENcTC9KFjF6LcqrYb98OzwIVZRWuvTf5CRxRtuZqNtIR79FKMtP7IZadx9zo-tyTqlQ--U6ZXnLVHH1-Uj25BHMaCDQYcC4DrsRzE-287co63x8ahXg7Swics-6BDzHD24B4u_L3JYwDeGXWwXcmbDVOfAKytE2bCxKyP-SgOl613gLg_lY-2PYw&sai=AMfl-YQSoTPOav9MXSjhLjkbt8bK56GwalfG1SVZcTs_T7OIndZW_gLGCSeZ8THv_sM6Yagk_DvZCDNj4uVCIaqKC1USEbURCxeSQcrBfxlHUbMShwOU7LQ9BqD1wn8-zB0ME2hYx7oIJTi4QP7Ae62ylaNO6aLfa4gqvUb9b_4&sig=Cg0ArKJSzNgBOqlFhKG5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1583&vt=11&dtpt=760&dett=3&cstd=817&cisv=r20211109.01139&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8E4F 7 KB
5 KB 350ms
49ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

127d03f8627615e6fad69cf17ffc4c477ea4c31435108bf665a0894c4780f887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5280
x-xss-protection: 0

GET
H3 200 franziska.png
s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/ Frame 8E4F 48 KB
48 KB 1623ms
1623ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/franziska.png?1632826757803

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b5e6d7cc4051669b26e031653220dfc419bd5ec3f8e5d1b0d49340cdc81e3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/300x600.html?e=69&leftOffset=0&topOffset=0&c=tlfnxckr2Z&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:10:12 GMT
x-content-type-options: nosniff
age: 44963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49589
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 13:34:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 17:10:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E4F 17 KB
6 KB 1500ms
1500ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 12 Nov 2021 05:39:35 GMT

GET lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame 7E88 0
0

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 1 KB
0 641ms
641ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:10 GMT
x-content-type-options: nosniff
age: 23967
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55662
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:38:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:10 GMT

GET img-lensflare-0.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET text1a.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET text1b.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET text1c.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET stoerer.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET text2.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET text3.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET text4.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET text5.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET legal1.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET legal2.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET cta.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET logo.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET logo2.png
s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/ Frame 4E89 0
0

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4E89 77 KB
0 639ms
638ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 05:39:37 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 69A5 0
23 B 75ms
73ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 05:39:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0372 21 KB
0 84ms
83ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 11 Nov 2022 17:49:41 GMT

GET lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame 17E9 0
0

GET lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame 1CCE 0
0

GET
H2 200 ca Show response
choices.trustarc.com/ Frame CFD5 7 KB
3 KB 11ms
9ms Script
text/javascript 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw1&base=te-clr1-d6282579-a1f0-4cea-95dc-f658646f80f0
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b4b85bfe143f87db5a035aa503bb1d1fd096f9f07c7151269c2ebfc9c1a5888a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:52:34 GMT
content-encoding: gzip
server: nginx
age: 2823
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
content-length: 2410
x-amz-cf-id: A025k7pXWhYjRoomPjh20ma04E-Fc1FSH1Vm2AGMdf0fTBgnZmKFug==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame CFD5 38 KB
11 KB 11ms
10ms Script
text/javascript 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 18:58:22 GMT
content-encoding: gzip
server: nginx
age: 38475
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: oLcr6Q5A1sJwjvu0JSf6B6A5IpsihFUbxPsh_jv6erD4jd7rxCwjfA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame CFD5 43 B
384 B 114ms
114ms Image
image/gif 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=f3ae
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:37 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: 8BkNFk4OuR7NbpHdVDEFgoIvqndVtd8O_-mbJlElnsI_8B9TLHIywg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9FDB 41 KB
15 KB 1053ms
1053ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 11 Nov 2022 17:49:41 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 31C9 7 KB
3 KB 8ms
8ms Script
text/javascript 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw1&base=te-clr1-d6282579-a1f0-4cea-95dc-f658646f80f0
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b4b85bfe143f87db5a035aa503bb1d1fd096f9f07c7151269c2ebfc9c1a5888a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:52:34 GMT
content-encoding: gzip
server: nginx
age: 2824
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
content-length: 2410
x-amz-cf-id: vY0yizW2jhuJzCjNAh0Haw-HXsCHbVKBBX7ycdtYVyPEhxAcyS-MfA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 31C9 38 KB
11 KB 9ms
8ms Script
text/javascript 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 18:58:22 GMT
content-encoding: gzip
server: nginx
age: 38476
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 8nzJB8hDFfBsNqFbiMNhvHFGK5_BYFgALT_D7ZCshug0DQn3-HdWXg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 31C9 43 B
382 B 113ms
113ms Image
image/gif 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=32bb
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:38 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: 5GJMsAlETAYNcmr2pe_ceDhajFuKRIC6D2tlobB1vBOkI7h5nueJxA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 0745 7 KB
3 KB 8ms
7ms Script
text/javascript 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=300&h=250&c=digitas01cont2&js=pmw1&base=te-clr1-12a5f8f1-0941-408c-a41c-b6483b66ed6a
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 535a4133016d221aca502ded2959ba988b27a108169393981848bcf03b028f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 05:43:11 GMT
content-encoding: gzip
server: nginx
age: 86187
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
content-length: 2470
x-amz-cf-id: uq-UcFCvQfGm1J8CS8_zRKereRnSjEpZzUqo8HcJOhEeC4SPny2_fQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 0745 38 KB
11 KB 8ms
8ms Script
text/javascript 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=300&h=250&c=digitas01cont2&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 19:01:13 GMT
content-encoding: gzip
server: nginx
age: 38305
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: qPdwa-zFHTK2AfoIbQEm1vGrZUdT_sAGf9Z-37T744pu9PndmSkO2g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 0745 43 B
383 B 145ms
145ms Image
image/gif 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=300&h=250&c=55a1
Requested by: Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:38 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: 0esrJvs1QHEEFxDN3I2wlHszQLD4mznu1xwHi6hoQ0rP1YTIqBrcIQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C141 106 KB
37 KB 184ms
184ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Origin: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 16:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Nov 2021 16:55:51 GMT

GET omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame C141 0
0

GET abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame C141 0
0

GET franziska_bg.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/ Frame 8E4F 0
0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1E38 0
53 B 50ms
49ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQwYWM9AIYtoDTtQEwAQ&v=APEucNWSr5QYvs2C9IqT7HW0N2tmtqiP0BB8Gsr102yvplsWI1ZZAIm9hWMCduF7bWVPn34s6KRNaub0_mLLJfvLAkwN0wLKeJYz2kd6C4cjZmXmu46rn4fr1RBohG1L5K2b09J_NOQ37w2DKmJxQHaw-IP7do73s508UePWdaIOLTHcByi0DUo

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Nov 2021 05:39:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C61C 76 KB
31 KB 83ms
82ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ae9C7QqnoO561FB4eaRdGmA4PIxHbqVIDhuCHvqCX8ieG4eSdQa0WrfNZYxown7klUljgtg6QWc0l6HkfVwJyy3t9Ono-WU3MCIyDX9C2ZFDJKcy_MX2KxNvM7EiS7Slcv06H_oF0hIMl7JmFjANPBMwkrGg&dbm_d=AKAmf-DqPLlWlxkhGXULVbRxx3OPXDrpWn6u4zBQd_nbCkzN5cG3W_tT0LjV-X3JnBEdT0juWCdbSdp48LZJZZqOTryLAdokEbm_9s36_a8_mCLgZpCQBdJHh4W6xpYxPCoQKa-PGEJyTFQCQhLfTX5xi6TSv5BgvIzoxFzVlxCnOi3ai0w8DNeDv7S9TkoHjQJ2sis5PQG6S1LkxiAl5O-dhx1KpHML_qUaDMNXMpEfxeAOIWxJbo85JYaqVvBSvGvWO9wFJ_ozHgm3GHysFxZESMELBt1_OrqXwS_9qhk0VQec_ucFhmEdFVN2n7mLzrvq9X6h6URVwOJKa3a6mGnTWVnGWeD9tDNAKUJNF3_aBRjYiINf6QIfnJZDYWHVY-xUc4_KpGG1IKNqizSvxw3IuX5Surotn1WZey9EFuJIPNxJ0_mYR_R-Doxwr0YyHvubcrTNZltXbOEg2xxrXGwb0uxDxvuu5NaB_NDRnneuoNybXpYaZDN-7H8yqQ_PHdUfmrd6R0zOmVu368E4oKAowjNxPb771FvPh7yUOp7oU0SrCQF6UF65lNrtK0Z5kk20UFqn0RK9uTj0HQ7U0FFEn38h6sdZ-8bTLHa_bqJZddwwTucaRdL1PiR4iJ3yoHGNcJ4hwLDJkOmv9hTptLfS09xq4-XzD5PKr9-vGQkU0vwP2g1u1JopGLkm9MLbUu9zHJN0I56piDybgamisoNU6cW9odfyckm86DEaA3oGxM8SedYiAkNaC2e9kffb52JyNZzFk8QUMQoKKvTpb8-nQ4toOCgCKUPM9afAORldYeHHUYSAplPHwN6x5OLPucSIINWMdKno4VT6vVKeHA6I2_DF-ic7ZRMVf5iScwqLGCxP8KnA6tA1bHqcS7uttiZ1x3DkxWDMzOxypLrEtHB1yyr-beOSK_KN27h_Sditts5yKIRorB5Yrd0w-3PDLIMA7l-alsqXXOoJ3FwqyUD0qpHleWHqmkSFQ-38kD1D3M0681-N4NjLU34WWVsOM0jTIic6F1wojk-ZFLL1SD1YiQEOFUN_yn4elC2g3xIUGYPpIkiJdOzOau4JPLbu4Jyf9fxu8_0c1Bwv2mOpkx4hwg2--RNy18uP3rMntHN9VRVdToOwZfuFgCqlkfq8GALEgwV0sfFNxz5zHEKXHziZ9pjA3VX3CXujq4_g7eoy4wpAyq6MCUOhXRLlbjA8QA1xEf4qN57l0zNuGwNy_yXACilbJx8VB4YTPLFzF7isi2jYZGy5KG1KEh1mFnZ4trHzb0cXLMIiAQ8dhk2MsPdC_Y7Ez9vBPjtgVtfBGYMj5s3jjxjKrg-yDoMok49K3ywyZSl2FuVYjAdo1H6OhPXEqTIKBZiyEwS9jX1ussXbPdOdeTYUQzeq6K7aBYHqzBOo9ATNTr06547UKi5fnIWSloSUTP-MKQ3lvYfLEboh-1H7bthAV0pdSR-1barOPtL_6vphAZ6MO8VK6-XJy2qwSpBj7iL6Eir4AmrgZDrTbrO2h2UhvNnax9Jgh7txcfTv2n8zixmKJEL-Z5GlADWzxLbuX6q4XT9lQm_bUPWSK8yQJ2lRRQSjWtlouRZLhIhI9Cc4BDnYTyDH7xqrl65NDatET69Wkl4yFRTca7MeKgFCYHybJnjkyou_qRuy8V2hqW4NIyOZHBvqi_jpHmanhs9xi21ciwf-n2OjTWZxfXdQvF0RcDCWQXfxXXYWS294nsS1JRlPIeetjYi9T1PQHBbjdnk_67KbALONYhdU5lWCEnmwfkQbvbT2Fhe0rHcOegNv53sV2vY4gkXyBJhGOvVqCBd2lKHkOrlJK9kqQ92pMemoK4l-9DiQreP67NDG8OwGhMQa3Q-3xfWINSNj3y6wj1-8QBt52UFqX_DjmoWByz7q76vWixCTJu7F5Zjxpk5crvxHcIZVMMhyrwu0BaHTR-TXD802QW-5L1s6jsau6gzl8JNOx8zKpXqYNl7gM6f-08fsm3wlc0t2vJG4x4Y1YuYfuEIxdzKfondniYhH7uZtnpGlKPWehvZ_0Azo4p9a2IyyZ_hk62VNirn2gIDO5HveyT0GpJtqluBF_-OPvGVMXbTfOED_tJGLFvamH9AEQCMSIKLyoEeiFfqHivbL2qhuNq7BecemJVN5tEgAQb0fnB82CVIwKEHwA1VBf7T72gDjmtB6UWLJC9pFxsqvqlR3xHeN1jWshxJYwxzvE8IJlA8eE1R4mrU8_lAjqqOQ9lsVVk5aAt39uaNhf_cZt8laZyeObhg5aOvCopYP1vo-6wO5cnygIpN8xtlJuI85cAnj5lM1H5mk7urbkJXviyJPO4klbcHSy-IATK3FKeVv4MgHLuFboJ2__PkCec98BkUm7YV8yHzB6UfEcwScbURjIiBmhd5gMgsaDBZkQQ-kr40L7P-1daitNwkxRj_-AONsdVrGztVZ07WjMqgm3IsvbDVSwBs2IUfddsEbF0gaGRVkKCdStHCvRiRAjd3JohlopQrxkPv-sY_Oginq7T2_4T8qTe7mSiZJO4LJk9YltJ7s9nBZ1EW4giZk7vxe0xseH_d7KKW8sp3dzbgEHQtyjZnUWnjlv-Ey7l1nHh7zulsa2Hj5m3teWkaDKUSH4kfAw9CC1PLn699gGcV3gFKMAaweEQ5Uv0cNlMLAD8SArD_NRYUVvZnShODYWQtyBvZfTbTM-1HPfjTNbsvKKh8OdaLwxO6_I9L5poGz0fBN1hBUJzPyKM0pj7LWGoaKFxFczDxsJuH7UrdCO1mydpEgF89S9hiZ-qreXvKteU8HxtqVlgpOUHvoG6ZskEkR4UKD7A_MOBRfBHwfMkXzRJiRnfAn5of1oWactubU4pVs96yZI9M6xiR3QqkS4xeNQMW3b0DrZnkeuScBLycAtetBe2AH6cY1JUpLRaZUHq32ZGZ8nxIz0rWH5os7NBCWSZ_8zVgkxqWKxRSVz8-0ciwS-hX_3i_IQB15dJcdQgQZLmw&cid=CAASFeRojqLsCKJD_uAHFeG8PX4kLRWyAw&rfl=2%2Chttps%253A%252F%252Fwww.jatimnetwork.com%252F%240

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4915c9e6021f42fb92d2f042836812e0f3fb5ce7053240d8808abb2ceb52043e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 05:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame C61C 2 KB
1 KB 289ms
289ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:46:01 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C61C 0
0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame C61C 15 KB
6 KB 290ms
290ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:20:48 GMT

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame C61C 0
0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D221 0
53 B 51ms
51ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhjDkP-5ATAB&v=APEucNWBoEQmlQQO0MIOICtDxWpW86pl4nw0Nlg-B48Xzxbnxr7iUAOfQVF-SfNDSL-R57Ukm_sn0YJBfIvTnyXWbtL-MMZYrrdVywImgIhGT-hQqkBIxb_StV3HLauHE1V8P5CCW0H91-QDZAqWl15RwgmT8uOzG9f2-TOve0hUCYzdTNaKemA

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Nov 2021 05:39:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET 5713719616354332649
s0.2mdn.net/simgad/ Frame 3EB1 0
0

GET abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 3EB1 0
0

GET omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 3EB1 0
0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3EB1 0
24 B 79ms
79ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstH0t9wJ2z9lHG1NvF1r9JkXBDtMUC2G37Q-ZjIdhI5Lai85rNXBLjtBRcvfWEQnJbp5cNpUuVPKVVJfX27qtoT3SG3oSby9fh4NM_CjIPl0ZwEJGMrexZ23okMQHSYbUzaDnpncWPQmszo0vDmMRj-SSxXRces3ntMJzvHnzBzRg_49urXWnLrGLYRMeMsFv09q9dBR9iW6XBqAE3GLVPkk_Mo6wmUt5eG1RJWja-Ijr7vhC22kuwqZZXUuKwsI_8abGM2jgFHV7jEPKr9ccsJrgsCt0srICIz9KzWmHyM56-7IJdhyMIidkjK_gYr2SpDOvTJ9OeHWj901IHiBslnRs_wzF_JddWhZOSbZ8kv0A428W-D_QhpJZ6-S_DAhscMWBSSVJnaqkqBJZCYud5TTuLZX3GMAwsY2620VD1_d9gJosnWDDMoCYr-SYwdI2vMORee4vHuVhmHGlR2sqF3YJMkOs441q9NVH-3MVi0E_7I304inVpn8THsKd0iD6x5UkymMIziUaO4DGshvuwfaCRridrancouhVhlCtBDg9MDqd5nk6w5hIdXEGr0654vdXeIXyO8DgZtVf-E-CNspCdEPMDwwGy24u8xchsfpUktL7T80V6vKW0gneHwqY-7U0OG13OBWiU15bdfWRUS0UMFt9ebPAoritHAthhZy8KdPgnJZqwTX2HdgPkCDxVf_sgznOkwfhaF_6v5o-MEUrMqU-sbkqcvzlRjZAyS0tbKscQtxZNbsrproSRrPqUukotqwXqZkXKuEifRcIVSu2meHnvZrkCgxITFg8wpI16Ef8yx6IVIWKQOPCrK5RyU5G42oH00nWw0mZ9GFnWvrujYm03_HbQhXsR3PeIQ6mVGAOn3FUxhGk6PChOIBlDlEF1u9SIZlbG5jrw7KsBJsp5GN-O1ld72zfp6T_Hz04iURyijfoyk1lj9vGbqBOb5kJqufIiMmX-1JUl0nlfB6cKnixeDLgcwoX_DOhKNVZyZYfUi9UhOVJuhQqAmTpXvV0pIrq4Yp-ePq-gJ7VeXFSanZ2C888P7gqwv2gMAjY_hDFNDL72NKsHbqBt2zFh8kDSvOZue2CzHTMZ9q5Jq0aS41DPGn8X_OOwIJz2SrQMqTQcC_dnwdwnP4spE-yZCfxTWun3l5g&sai=AMfl-YRT66aVF-qSAY_I48KEvX7kUEh7wxZ_99WgVgb2fGOkXfVjen4V2Hsb0HcSWn6P1jIAIM6L4k6VO4VZM8mVRUiD6wi3sPyXoCv6HfV1g61IHu_5hPnMIVtDini2iI1dq10OKzulVKK3f4UHQSjc3a1OfMGyXAqk8wkpMxZ77XlFTCz0k38mxO6gRVukqmgJm4UgyM2u-ytsiXAn56Vp35YcSOOYsM7a3RRy7o5vq2gdngVSrjOw29gOiwg4smucFNmgfmlUTDcQAVZp5UXy4VVYycnwQJKrnxxNLWIAGG02hKFRFhn_KxS52Hqh6tS0l404GiCO8jEjqfL-FIub22XoZCLnHQncPX4mIJTIUeR3uNI0RFK8-SqOrIusUhKyEHNrvUWaTejpwde1iUl7og&sig=Cg0ArKJSzJMc-C_6tVtJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211109.12245&adurl=

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 12 Nov 2021 05:39:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3EB1 10 KB
0 281ms
281ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 11 Nov 2022 17:49:41 GMT

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EB1 0
0

GET
H3 200 window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 3EB1 602 B
0 279ms
279ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:46:01 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3EB1 0
0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 3EB1 15 KB
6 KB 279ms
279ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
URL: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 05:20:48 GMT

GET l
www.google.com/ads/measurement/ Frame 3EB1 0
0

GET
H3 200 index.html
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/ Frame 5B4F 3 KB
0 984ms
983ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3490
date: Thu, 11 Nov 2021 23:00:10 GMT
expires: Fri, 11 Nov 2022 23:00:10 GMT
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 23969
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C141 0
24 B 79ms
79ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYwziscZRtB3Ev8aBUHL8eCWVbVq0IHtWHowVmIocxRebkMtB-ufLnRzwax76yCwlkW9Tuq7MODgNKvAKhNm4oEqvGbBh-HKuBDIqrP67UF0H2J0ZJBya5BJkbYaHSyZq0-_5ugDzJKfNiBkiDBayNMn9Xh5rI_NsmySjc2liphcva_1qmQW-BkKqgfr9zxyPGTantWHKOTWpCX_yrwSyOdxwaFsHDChGQ-rYWgMMAamy-MUKesd3D1hGMzl3BcqMwwwi0ieP5zSCrnDKaJOHNXVSdwz9fzLBvbzHrMhzB06qs0NnwbTd96NCMntbQQmKDo8oONAurII3ra2d-IpKQJYwCuTeSKsEFROSgEeSL9Pc_L__3buQq9I2D1CkVtdj-seU2sNw_wUuhOZ7ETJ9eVeycW-FCQ9tqdRq7DaUPWLLofVmAhAN2XBZQ6SsIvsIKAqeaSj0IAE3lGmPuitwZdGGy3nwXp1uT7VYdGdZYQDB86jHaEr-1jvxXHy-4qkUJdeqpoY8U9E1zQz5al6qlEb8krgAtBDmgwgOm80OEhPt4FoVAEYkZ2wN4LSJ75Zu7UMB3VJfJx3mI5jzLcXIHTp56wPe_59sdZLM06yJlhuNdIq9_vCH4cSgt4I1D9Ln5oKjaAsua5JuaO_PXqbu4HRsDhLA0SdnfryRMvvTl_Bcx5nUxsU8klwP2g3JaUicVfu83lXsP1GvCEOGY_wUxEX9t5O7oF8t_Fs0pEx4WzlY5roA9UHEyjztZjfAEZRV37RIuezQZnxhCfkgBUCDYdY33l3TRAfeF0u6xonXmo8GJijyi9DXndnbUNUzBBDFSKQmc91M6QoQL58i9u5ZceXBzoj74936wlCJ2R2rIYZOLrIRIO7dGP_HCReFUJBFl9sQovXxeuyk9eqSVDS5-V_lfA1zcKgdugWpzBiAFU0rSySLEJcfpIoT6psQM5EdJzuX3WSYLag3gC5zzSLmwY3RmS8o5DUEJ1uUW2FEeovwk8Q0SJL9s2m5UWRVHUtFqmCrs-SonZK_fqNBtaXkRW-6HM8GkYekKTX5w-mhk62uYRRUkssiomdNUsx1lrttXodq36qeYw1Yj3yF_wFRRQr6xhOp6VE8YxN0N2wAQu8OjaUkeOzYhDox-Iq7TdYYup17g2QQaJSybkWPZiGREYKBD3ig40pk&sai=AMfl-YSkq_Z9YTDz6bmdk60z4mqW6QKXp40j7kWdKpOZTkJF5HVLUU2VkrYdl1dwzkN8I9OCjhLYwYLmdxn3ELO0s6xsp1r7WqViSbe3_JHX1E_vmJ7tVYVbYQ4ZlajUJJ39YWQP2F-JtFJX9bf7GZ9cOf8WfCjWw-BhiiR9WdU&sig=Cg0ArKJSzOz95HyIA4e8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=659&cbvp=1&cstd=657&cisv=r20211109.54646&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 12 Nov 2021 05:39:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame C61C 54 KB
0 1131ms
1131ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.jatimnetwork.com
URL: https://www.jatimnetwork.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/
Origin: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Nov 2021 05:32:01 GMT

GET omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame C61C 0
0

GET abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame C61C 0
0

GET W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
pagead2.googlesyndication.com/bg/ Frame E991 0
0

GET
H3 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 176C 7 KB
0 85ms
84ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 11 Nov 2021 17:50:26 GMT
expires: Fri, 11 Nov 2022 17:50:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DE74 0
0

GET
H3 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F121 10 KB
0 171ms
170ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 11 Nov 2021 17:50:26 GMT
expires: Fri, 11 Nov 2022 17:50:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNDPDBkVuHgTbCv4e2xb7s3bmG8Y79Q8q59O1WkDHzmoWBz0IWRCm_WybPe61bx-PsXL18QaMuN8Gem730JT8-K59QBaQ6qwkQ6SkHRKcOt_2ymRQ

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C--7nCO7FhohTjwYHRE7vNm10wI-ptKLFeksSfZW-M36_IjPparaeiT-ajjQfixjHT3o7icO9vnZtejD3E-74CHWXehHGJg_TbrwTyL08K71sx4NY

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp_fy2019.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dr99HQposSyz3cyTedu08cyj8OvjYKB2skxLGXv9-t_g1GQm_VCu0aSvvroV58kE4H-zldk70WODfy5uAFF45rJIfi2YYykIKxnP1cJSh5ZlYsyOo

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/img-lensflare-0.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/text1a.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/text1b.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/text1c.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/stoerer.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/text2.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/text3.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/text4.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/text5.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/legal1.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/legal2.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/cta.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/logo.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1518666824903158240/11-IWE-BFW-Mrec-300x250-BFW/11-IWE-BFW-Mrec-300x250-BFW/img/logo2.png

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61893404/20210928063454159/franziska_bg.jpg?1632826757803

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_ol_4yFjgZUWPJ87QXhliOcKieHe1mD-sO70g14mDYkyNhsBZOhSSD7sYNPjym2SOOWBT0XFPZW92HrPbZPw8w6S9EJTiyNL0Qzz3uPS_6hj5yMI

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/simgad/5713719616354332649

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp_fy2019.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKQZsqOkkoXikSx_QNwSgevOgEiDLTe0f2cZtk7ENNRKGjn99BinCkkJJmvewiXE5rp9-naC_F-CEukZV0t9HS_qtXx3cHUenMfr-UvgQt_mkHalA

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRosZ-1PCZIISp4j30Y7xoRiOLnk5BW-gQDOS5LXeyxFvr3pxM0UkHOHygkZD7yftuOh-t_IySneZ4x_5tDGRpSFPyXDA

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 07:59:51	Name: IDE Value: AHWqTUmyb7k4fG4X7Rogr-OFV2Khx1Bbj0zprYXkSYn5GBWhLMb1IC7z_8PUNGtUG7Q
.jatimnetwork.com/	1970-01-20 07:59:51	Name: __gads Value: ID=8952d3e70257439f-22bb0a6c55cb00db:T=1636695569:S=ALNI_Maij45w9oDzS8OmZ95glYk-U7KMqA
.casalemedia.com/	1970-01-20 00:47:51	Name: CMPS Value: 3267
.casalemedia.com/	1970-01-20 07:23:51	Name: CMID Value: YY3.Ew7DfCQSsnJpSKM2ewAA
.casalemedia.com/	1970-01-20 00:47:51	Name: CMPRO Value: 1167
.casalemedia.com/	1970-01-19 22:39:41	Name: CMST Value: YY3+E2GN-hMA
.adnxs.com/	1970-01-20 00:47:51	Name: uuid2 Value: 4406036712529221264
.casalemedia.com/	1970-01-20 07:23:51	Name: CMRUM3 Value: 2d618dfe132760CAESEEBwcH9oOli9iHEskorRCJQ
.adnxs.com/	1970-01-20 00:47:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVSf<9e>!]tbPl1M>e)ZlrFUfJ+tGXxpKDu.<aZnTmgVwSYk^#zU)OtsqG_/$IglS'UzbpRzqF1`b`2V.=1d
.openx.net/	1970-01-20 07:23:51	Name: i Value: 091d5966-910a-48f0-8936-4df9093a762c\|1636695572
.yahoo.com/	1970-01-20 07:24:13	Name: A3 Value: d=AQABBBT-jWECENwxjyfsQDNg-QkzNIdQAJsFEgEBAQFPj2GXYQAAAAAA_eMAAA&S=AQAAAv5BgX_Ii6Wrf_Mrx2rET38
.spotxchange.com/	1970-01-20 07:23:55	Name: audience Value: e94ca969-437a-11ec-aad1-1a27ea400106
.advertising.com/	1970-01-20 07:25:17	Name: APID Value: UPe968e73c-437a-11ec-8003-068b74045f7e
.analytics.yahoo.com/	1970-01-20 07:25:17	Name: IDSYNC Value: "18yl~21hh:1762~21hh"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPe968e73c-437a-11ec-8003-068b74045f7e
.yahoo.com/	1970-01-19 22:39:41	Name: APIDTS Value: 1636695572

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1950071dbfb62d366c20106830b05ea2.safeframe.googlesyndication.com
ads.yahoo.com
adservice.google.com
adservice.google.de
assets.promediateknologi.com
bid.g.doubleclick.net
certify-js.alexametrics.com
certify.alexametrics.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
jatimnetwork.com
js.rfp.fout.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.advertising.com
propsid.b-cdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb-csync.smartadserver.com
s0.2mdn.net
securepubads.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.jatimnetwork.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.111.242.245
13.229.41.106
13.32.121.5
142.250.181.226
142.250.185.162
142.250.185.194
142.250.185.66
142.250.185.97
142.250.186.100
142.250.186.129
142.250.186.98
142.250.186.99
18.156.147.57
18.66.112.122
18.66.97.14
185.33.221.15
185.86.138.114
185.94.180.125
2.18.234.21
216.58.212.134
2600:9000:223e:f200:13:3dcc:7840:93a1
2a00:1288:80:800::7001
2a00:1450:4001:801::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a02:26f0:6c00:2a6::7ca
3.126.56.137
34.98.64.218
44.239.69.74
52.211.22.238
52.222.214.4
52.222.236.110
74.125.133.154
89.187.162.244
00f8316296efe722d8e9fab0dd1ff0580b5ca369630d2fefcd91898e6f3dba95
0362c7c13c820d167a102eaedf467a6e161eae9ee44228b8448e331722319bf4
0386347ef50a203991886df4f4011b1cc9212360dc85c038333a0b08e0935e3a
0433abb7658acee84c064fc7f82e660dbd3bfcacbe5ae3155edf0d1040702140
08b13e9bd202db706536afa6af63bdf52d90b660021f3eb3297f139d49ceb049
096657e8b35846034725b603adcb965fba5df2888b65fbe7df5953142416228d
0a38cf7423f9f7060c66183e74e7e138bed849de551199c490e3a1e97ce291e7
0b6c3337829e40e57c3deb651d4089024bc3ef552d41b768d91b375e3ee9905f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e3a4798b2d30ea54ce17e1d7a5fb78a16fc62f8425dfb69d07549bb6cdd6d48
0f49a8f502bde316b4227f7a13ff568142ff57b9e56d384cb3c0d52f28cfbc84
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127d03f8627615e6fad69cf17ffc4c477ea4c31435108bf665a0894c4780f887
13a5bcb192e63d40f3c787ccad6805d32f76c4ae0c4f8656d09426a405b6da38
1517b5246f24efd5abf47f90c676a2e70fc62d28fb0f7e199e249111d4450a21
165aef69bcd3122ebe6fd3ba067328aa68997bb417ec75da4c895ca7b5c30b33
16bf3933f68b97cf901cae5620296899a2f0a959b1a8ada35a6c5a261d7fa66c
193b38446d8a920d4b484307bf1f129a98808f0648c2db4a9f94218bc230b38a
194e3731afa1ddc992f82bc7d36d500e8715d27972ed27ee75cb7029fd1b0836
19b4a722b9a20b883f5065e3a461eb231ee5b33d9baa7970a8a0088a03ca2dd8
1c87d5f8c489815d834a553e7afd81d6750524d8d4d411b61c3cc55a9a446cc9
1f92efe5b6d6d727a2eb197155c0b7432eda1291ebf5f255bc155141a13919bd
2214d41b278709c873fdb298e1c176c1a8c2e2f40538d1b242a48e7c871611d2
24324d20bb5b203a61ad9aaca4439488f14483def68f76c4eb1a943a9503eb90
26e0ecd973d2c25275a50b519dd3d47982c4e77302bee461c698db9768c9757b
28fec4b089c4030bf4b552d1d346156cbea916bd51359cca35466168faad3104
29288d87dd5093f1959a5ef902c207e8a42f419bf29f1dd6f29f952013102b80
2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd
2cb6b8f952f77778554e7e7c579fd7a501004d82d7e7ea04e4eca03f456756ac
2e1fb12dcc81c4e82431a5f9976ebf40c1a24b7afe7287a5881217bb6e2a8658
2fcfcc11576a620aef2d12a02ae4a7a6964c1c552635364c036007a11f0e78fc
322a87a091dbb9c5da4534a136c6da3db16c9d948f05d6e7c336708282055b9c
3260768a3f8927ae977a7de2e6816c2c81284d3481d9bb76575912ad2c4fcfee
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3533818ba7926a75143f24b2b3d77756ed15255d0e7b0816561d895f4bb36833
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
397c2c14a71cf0d901307f9300165c1c7d9a3d67fdf0d84d55a9d059eba71673
3a8717b1c866759c800df22bdc5b34545730d2790473892a4cf31dce49bf1170
3bb95dfaf77fc687e93cd45669ce9f52061923cd26d359473c9f93aad42d27bb
3c1aeec728aa84801062ac23f1234279b07b78cd4898ce28b45f5f755fd7d6f5
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
40da1f2bb18419fdeb462e7468c95a3ce82767d881695aaa0800bd567ed53a00
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
420529e0bcdcbe3532645e35130f955fc32624627be5bea0b43710de6d762599
422e47c584262fedbfee0c56a264cd80b1e781a4375288aa506688d72b7af05d
42d2d2f5ca7d4a74d4cec7eb892236bd4ca4790ef0446d15a1cde9d1e1d555d0
4567790f4ceb26b4117080d2404a5946d8ea1584e07e87a3e8333337a92705cf
47ef963bcaf3740d71117501fd9cadbc3ac10a5c3142e742113b8ab2de872b71
4915c9e6021f42fb92d2f042836812e0f3fb5ce7053240d8808abb2ceb52043e
4af73c254f932d343b1ebc765d9f207993cf3eab0bb4f72029815730099bce60
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1ee2864c14d4b1e4ed24524809ba704594450f131d6e69c23bc91c4744c08f
4cbacc0846c5586ef7962c2449a23710778aeac1587563de09eee047ec66ec64
4ccfc3122ccd7a143fb57345055490f0945fe5e70c958739d01476cdc2966910
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f207b7f19e224ba16d57624bea2fde3b0812919d36d540eb99744108f50f6d
52c49d2c97e089b90b62213dabcac8b64cd3be56c7fcec90d6c2fa57bd5afb53
535a4133016d221aca502ded2959ba988b27a108169393981848bcf03b028f98
5711c255eba566192348853f51564e01e9109f4db09e59a9ee98d2c382bb0b34
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
58d89face2c66d738199d054b81a06a5a3f60fab40dfbd049fa3e63d331669ad
59ba8bea764ce4ab3007bf27daad5d98944e3d1296b3df900afc5b8c027b7e82
5b5c68a5e1ea3f117694f86409677a7fc254b8e5a067c3e9c1e2d6bba14a83ce
5b5e6d7cc4051669b26e031653220dfc419bd5ec3f8e5d1b0d49340cdc81e3b0
5bcd12d7a4d79c54b7eb19ce1d87eaa38a81187a3e0be4265ab20c03d7259993
5ce4f9a7c06277a4e54c9d3cfcba40940e182c6810671a6dc5e32b7201565bcb
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d61bef89d6850c7459614ce542bb9be2daf8a7d68d270033b85a0d619ef4aea
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
601f3257ba4d24201d73a86e454fae42015a92a087b848361bdb3962c2df9434
63a6efd62e4999422af8f9e9654db9e527e827d10b31c453846a54112fd6e413
646be3639caa0fd5654b571f7c511f66488c16602fa3e4499bfcabb93bb1d5b6
6487bde3a9c890dfdb3769041cc67dbb433a1963211b186ce9a1e80b2bee26c4
64cfdbc84502d36f797ec412c8e1e01d784ba5e9d077e093a51843ae7e1fb76d
6db364213abc47dbf3e7155a9fec097962d4f454de56e95cea392dbaa8d7b48c
6db9f6009fd05ce4f30168923d534de1f2d3c6b5aecd85cb33a1f9043f1188d8
6ea133ad676a61f176dd6572ea7383fa894db11695ed35c950d78bd0f4635eae
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
7222439fab8e9ebffa41b71b65af793505b3aedf9ebc65fa99a7f684ab069c05
73c871b803dd1dcdbd42dc53507410c28a8c0e4b518b3826f2723601e8d9e1d6
7635ce6065cfa918ffc7cae1d64d3efa92d05f55659d822a30b202226f0c472b
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
77ca5cdf89ac14bf656e19582a80cc893c666123f699b3f656cf4d5456fe52ad
7a7c39f5a65ec9902406cb20fd828d9fda980a5187dc0cf6e969be93c7ba7446
7e7e32f3218085ff16d042429124b8716aa4e3953b2ede4be68135319d762489
80d71b4c8d603c4cc1309b3e86d178d59b596cc40c3268f741e7dbc231580ece
818fe2ba5abb43d2ef767a0aa86446e287f8aafdab0f9a39cda75e64e83e8812
81c8b43cee7c75214b0e5f8725f050fcca27f77b113a0d76b34ff5e300107202
8356a3c06856e514b5f8ba5f3cb4bd7718d81815b3b10dee4e54efd3880e754e
8877030c73a1de41e7870667b1f81949d9e1f694c48909522fc58f4e358a2db7
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9107398c2fa403ddef0f56b584304564266acf989ab923ca9583209bdf4a8cbd
920392acd59911c0c92fa2b1986b473cc0fecd10c40ea593546625d78c4977fb
93be6be754246bde3084522aab71f6fecd3c297bbbe94de108e483f88e7830a2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a95ae5e7172768b5f3898205a109ac3ebd04bae74beb4525bd68f57858701ad
9b35986d806b37bae788e8aa86a2754dc8eef00ef8b3b319924f7144ab6dad28
9b8845403aa39200e610ceea0ca0850189e5c1aecae9026665bde73b4de46799
9c9bb5588885442b0c821f0c0be4c20936e1d9722371d88e709f7bdd077b7871
9db819fcacffaf3e9d603f594ce05f8594bcbb8389c59e687c97c26966c2d850
9de5a9ee5dc9d4ca558268b7bcd6ead5eaff468a4a13f526738b4e5f65b32855
9fb4d82ea408eec1c669b79d3afd6254e73c637928d9e6a00b95fbc66129d434
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a230133986fe05d8dcdcb16a14a0bbf3ff39eb600af2757e91a57f6a825a43b1
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a431a150f9b64f454048fdebea1dce78b732bb8b82cff2f862250cf19dd8c4ac
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e60f3dd4f1cb60b9b61ddcef62a6b0d27770db9fcc466d671620a993be83e3
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a825cb7e92291132e11a240ffcea8716cb6fd1efdab52338f36cf17282fab0a8
a9326533fa4942249e72978ece4bf829291c302b2c482ca7502639d8069b98f2
aaa7e4a37a9ad7a960cb83f9f1c6342eb33b3dbe6efef75b52bc951c826d9b93
ab06f223d459bf92034237712de93373f91e9a4936939a737eaf1fc7fae93563
ad0bb44f279d1249e215124bd930f6e4f1b8fc11b43c9b0a0d05b017f7a73aa0
ae18c2d3c176676519428695180dbc98059240b2fc06e33472f7f68f7c7684f9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d1507cd33aa410f445e8007cf82acdb25fcf3d27ea3396e0220ebb28a2a929
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b4b85bfe143f87db5a035aa503bb1d1fd096f9f07c7151269c2ebfc9c1a5888a
b53c6d486527ec6c7843c267280027fc82c205da2b63d388d6c004a7149baa0c
b603041787f836e2ea76b45b8d8d66598d7aa3e1beecfd02b24f26d7f2827177
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b710e8b42d2bcca3418f6fd35782686932925e1b7cee791dfc28e8f06b9e85f0
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc8f6219865038ab982d3503055e8bda52657b4b8110ac595b3833cafc9e5fb2
bd61f86444165ff69b6a357aa1e78b18ae7f8244ee12a61dd783cef38ed0fdc7
c305d80ec7c9bbccdb3c6526bb3547c0645ed14859fdb277e74b5d042ff0a978
c6cbdebb86159494163cbb4e474f9263f66ddd4ed531fee657bb9a5b5cb196d2
c93756073d1e59f1cfae5ab8101b6cb640d8005b457ab072e274b6a3ea4be18d
ca633d2514b5c9a5170f25d765a51961eb657e40819bb07f4da766c63718c638
ce246b13a7f316521adad2d9a6af151a26d5d8ba56628b82b6afcb44ae4b2cc3
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
cf716655adee2e9c90ecd41ffbbf30dfa98bb70fbaa945043444704b6a3f5616
cf72d4d19c381c1b2980687c1f83f0eddbd9d37a2cd2b94815158fc342a0225c
cf7a90fbc20e00b4b0464140feee8afcbd7cb68630f309c367671aa91e8213ec
d0dd9b20aab5c98b20919d5cabd078904647d77750bc4da7dca50b8991bd4d40
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466
d3af7f585fc657b2abf9fd7d20b33bc0d45666e1d36da4deb424acf96a434c6c
d8df2d23b7053a11325279348f209ce2964284345f9a3752d3a2a4d17b6fef8b
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dd962c3b589aae816617f974ba731114b852fe68cc6add628ab324752d3f65d2
ddce6ad6d21709d476f1a7bf664d9879ba46ba7d466335fec65da9c1243d99f3
de33fe1ba0d81147fc56ff19149e85914d13c4c4d7a5969aeda463d9f4787848
ded9ad6f2098779a69ac67f6c22eb23db9fd70a58b9eb87e2b9b16698c61fbda
e05b017d3e7d4a47a204ab47c142ac4234b8f6433c1fec7ca12eb7ec9579297a
e0a9ce4209693037eb4f496ccc0c9811e401c0f310ee1f93a36267f8cea47366
e1557243be66cc2d0fa2e258b06480e653d90d39a1fb821de1df7a68eb481fb4
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e16ab4ed9fe40437f4c24364a13bceee06222e6b489818c34af399a177053e6c
e179b9950d625d6a3beff62a6c363892af5375240f6f87cfc7f2fb9eb0678e69
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9a693e192be6deb4d44b6f25e9e1033ef9847c77421b0bc2d649bd2377b02ab
e9e16c9d51e32edda21111ea3d92921b36461e5b3ccfe8b573e9114aca9fa258
eafb9f9f639a2c3f732f5ee2395c648c5aa36f2d258373edadfaa6e0d5747c54
ed4635a1de11611692ff52e68cf41113f22c62fd932b03d144fe940411b3a199
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6a05401f73e913374f4d4d66f37705457304a0e72e83e6817c6a8d4e20863
f058d56494bb6ecb5f065b5300d97afdd769ca0254f9df6ff3c2643c29fc6d97
f3ce2957e5099d5917944e4a24b56f514e1f2e527361515262c6973c60e91e18
f58c118e773ffaf43312dc34fd3caca477089e40c8c329eb1455ea4981729fbc
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f78bf0fcc597a168ec0ea8ee4794744cb4c2146d195a5915c7da0e629b182071
fa5f52bea78b97daa45243ea8e3b0db232228298588d59d4e9e9c262c3a369b8

www.jatimnetwork.com Open in urlscan Pro 52.222.236.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

373 Requests

79 %HTTPS

33 %IPv6

28 Domains

39 Subdomains

41 IPs

6 Countries

3160 kBTransfer

6987 kBSize

16 Cookies

13 Outgoing links

Page URL History

Redirected requests

373 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.jatimnetwork.com Open in urlscan Pro
52.222.236.110 Public Scan

Screenshot
Live screenshot

Full Image

373
Requests

79 %
HTTPS

33 %
IPv6

28
Domains

39
Subdomains

41
IPs

6
Countries

3160 kB
Transfer

6987 kB
Size

16
Cookies

373 HTTP transactions
0 data transactions