machine.panturapost.com Open in urlscan Pro
45.76.227.116 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://machine.panturapost.com/
Submission: On January 24 via api (January 24th 2024, 12:15:09 am UTC) from US — Scanned from US

Summary HTTP 107 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 10 domains to perform 107 HTTP transactions. The main IP is 45.76.227.116, located in Elk Grove Village, United States and belongs to AS-CHOOPA, US. The main domain is machine.panturapost.com.
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.

This is the only time machine.panturapost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	45.76.227.116 45.76.227.116	20473 (AS-CHOOPA) (AS-CHOOPA)
12	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
2 12	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c08::71	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c19::5e	15169 (GOOGLE) (GOOGLE)
20	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c07::cf	15169 (GOOGLE) (GOOGLE)
2 3	2607:f8b0:400... 2607:f8b0:4004:c1b::67	15169 (GOOGLE) (GOOGLE)
4	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
107	14

39 45.76.227.116 (Elk Grove Village, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.76.227.116.vultrusercontent.com

machine.panturapost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c06::9c (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::71 (Ashburn, United States)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c19::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::cf (Washington, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::67 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	panturapost.com machine.panturapost.com	509 KB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	479 KB
12	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	127 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	109 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 storage.googleapis.com — Cisco Umbrella Rank: 286	33 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	863 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	194 KB
1	ytimg.com s.ytimg.com — Cisco Umbrella Rank: 11139	9 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	2 KB
107	10

	Domain	Requested by
39	machine.panturapost.com	machine.panturapost.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	machine.panturapost.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	fonts.googleapis.com	machine.panturapost.com googleads.g.doubleclick.net
4	www.googleadservices.com	machine.panturapost.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	storage.googleapis.com	srcdoc
1	s.ytimg.com	machine.panturapost.com
1	cdnjs.cloudflare.com	machine.panturapost.com
107	13

This site contains links to these domains. Also see Links.

Domain
accesspressthemes.com

Subject Issuer	Validity	Valid
machine.panturapost.com R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://machine.panturapost.com/
Frame ID: 1A1F169203B3DB3EC6135A304F47FFF2
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: EB32D7A12F1583BABEE21FC9E7E9432C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5868682092011596&output=html&adk=1812271804&adf=3025194257&lmt=1706055304&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fmachine.panturapost.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706055304351&bpp=64&bdt=454&idt=507&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5967820361084&frm=20&pv=2&ga_vid=140328581.1706055305&ga_sid=1706055305&ga_hid=63520438&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C42532524%2C95322434%2C31080602%2C44795552%2C95321627%2C95322163%2C21065725&oid=2&pvsid=789986830428740&tmod=2082391779&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=534
Frame ID: C8B2878B0C01ED8DC8B74504ED9E714C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F460D42F8C7FAD7BE699C37A84E58F86
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7910641A5629F8A2F89179A668C43412
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 06BD5E2944F7E2CAAB175E1A045E9707
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F224D3383A730F26B411708E9614731B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 91644B94CCE17FAC9A0DA58BEA9BB163
Requests: 2 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: FB06089105A97F74B379681FE7E96C08
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8C24A9B8D33BE2E4D2E78226E7BDB4B2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2FCC0C917A399062BBDF8C264A6E3312
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: D33D01B8741C65345C97930106309778
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 9796B926C27EEEBDE17EC77389FE7A0A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 7A1E623F2359491CB796004279141422
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 470677083446BDE38C290419598FD82F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1768ECCB9678AD28F367CDA80527FF7D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Machine Blog

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
jquery\.prettyPhoto\.js

Page Statistics

107
Requests

97 %
HTTPS

85 %
IPv6

10
Domains

13
Subdomains

14
IPs

1
Countries

1463 kB
Transfer

4560 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://accesspressthemes.com/
Title: AccessPress Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 92

https://googleads.g.doubleclick.net/pagead/adview?ai=C68ytilawZcepCcmljvQPv7iSuAOdxZjBdaHmla2-EvaYwpiPDhABIPeDzDdgycapi8Ck2A-gAeGmj9woyAECqAMByAPJBKoEiwJP0Ib9fyhvYllei7l5vvhN8vOnJlvuy_gtr3wHWRwQyYScu3SWdJPDQF5IYjSjiKoc6p-AvE7WBbGZW0I2Cu_atPga_CJQbZPFw6v-7hP4CgJ1PX9rGWDkjU2QOD4SUgTLzgEra-v6WP24tX5yAGWtydW1ZOIyge18pzjyvAt2-Gd5znpMi9XOPqzxjiRaHPPqT74jfg9nhyEPn4jt74oiZ0KK3uUFTi0Sgo4Qc7iYpRv0UzyNgIqSud9OZ6cUNQbDGacrqu7dezDWoErFRVoGfgoJo9pWEUp9jBTIsX6wkYZW-_1jhtIRtYuDnX1MVPuAdwZVOqCGmLVhaN0GUbUkH9CZyvsICHAO7D3ABP6K7L_GBIgF5YyXg06SBQQIBBgBkgUECAUYBKAGAoAH4q-CuASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC85QbSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WN_O9aPf9IMDmgm5BGh0dHBzOi8vaW1wcm92ZWRleHBlcmllbmNlcy5jb20vd29yay1saWZlL3VuZGVyc3RhbmRpbmctcHJvdGVvbWljLXNlcnZpY2VzLWFuLWludHJvZHVjdG9yeS1ndWlkZT9hX2NpZD05MjA0JmFfZmVlZD1yc29jJmFfdmM9MjUmaHA9MSZyYWM9UHJvdGVvbWljK1NlcnZpY2VzJmRrd3M9cHJvdGVpbitpZGVudGlmaWNhdGlvbitzZXJ2aWNlJTJDcHJvdGVvbWljK2FuYWx5c2lzK3NlcnZpY2UlMkNwcm90ZW9taWMrc2VydmljZXMlMkNwcm90ZW9taWNzK2ZhY2lsaXR5JTJDYXV0b21hdGVkK3Byb3RlaW4raWRlbnRpZmljYXRpb24rc2VydmljZSUyQ2F1dG9tYXRlZCtwcm90ZWluK3NlcnZpY2UmbWF0Y2h0eXBlPSZrZXl3b3JkPSZuZXR3b3JrPWQmZGV2aWNlPWMmYWRwb3NpdGlvbj0mc291cmNlPWdvb2dsZSZjYW1wYWlnbmlkPTIwOTQ0NjM1NDkzJmFkZ3JvdXBpZD0xNTYzNjMzMjY4NDYmYWRpZD02ODc2NDQzODc3NDQmcGxhY2VtZW50PW1hY2hpbmUucGFudHVyYXBvc3QuY29tJnRhcmdldD1zZWdtZW50X2JlX2FfNTEwODE1MjA0NjE1NDQzNDMwMiZsb2NfcGh5c19tcz05MDY3NjA5JmxvY19pbnRfbXM9gAoByAsB2gwRCgsQsP3A6aqDrJ2rARICAQPYEwzQFQGAFwGyFxwKGggAEhRwdWItNTg2ODY4MjA5MjAxMTU5NhgA&sigh=X7nsQZ1jLwg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_4bKZKjJmxmQcRgSVJo0I5iwmHqK5F6bHhQuZ3GGZOlTb5my9P_FVte-kgaoYn-NPxCKNA7U2CpgkjtJgOXhXcWZI_LFHg90WhmEYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x24ca42cfd8671c0a0000000000000000%22,%222%22:%220xeac0b77fb5b5844a0000000000000000%22,%223%22:%220xa1dfb12a7c1220110000000000000000%22,%224%22:%220xd9eca12ff2ab47fd0000000000000000%22,%225%22:%220x705b31344fa32a50000000000000000%22},%22debug_key%22:%221898740819830240330%22,%22debug_reporting%22:true,%22destination%22:%22https://improvedexperiences.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210930606945%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225361630411694935873%22}&andc=true

Request Chain 93

https://googleads.g.doubleclick.net/pagead/adview?ai=C68RSilawZcmpCcmljvQPv7iSuAPcxt-tdbKRx9X4Eaf6qYesQRABIPeDzDdgycapi8Ck2A-gAZ-sxYYqyAEJqQKCrS7YQCuyPqgDAcgDywSqBJMCT9AE3ml9Hal_eyYLI1xZ9gdvf7CAAY6U0P9-6hsCjDferVnrbesQmeJzPrIIyREwXYEaiHsyTozvw0YaxeMzI03hXr2KzYmclwV5WpQpx9nIMK-6KtQ1Uf7RvdK3r42NJFZBj_qOgWpS0YwM6h3ykLdCVbi2f3KB63yf4yPpu467hs_sFT02JY2kTn5DOfxNrzhi58I6evVtSBJh1_r2MHE7H47iGe-jQhr2ts3s04qx_lA1N50mxauWTxAEMdZqcQrXs--oev_be4WXAA0TY4NtoV1OW3C4Q0W8RXOrXqTpzu5MJtUS_ZFq6SlrFsTjOjr9By3HeAjdlbcgZj0YSFUJ-lBRXiGPT0CtZL_aiuFdxePABKTn37XaBIgFqNeitkySBQQIBBgBkgUECAUYBKAGLoAHn-SV5gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCDpBDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WN_O9aPf9IMDmgl-aHR0cHM6Ly91cy5hbGRpc2NvdmVyLmNvbS9kc3I_cT12ZWhpY2xlJTIwaW5zdXJhbmNlJTIwbGF3eWVyJmFzaWQ9YWRfY2g1NDkmZGU9YyZyYWM9dmVoaWNsZSUyMGluc3VyYW5jZSUyMGxhd3llciZzY2xpZD0wLTI0Mjk4gAoByAsB2gwQCgoQkND7n82qsqYTEgIBA7gT5APYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTg2ODY4MjA5MjAxMTU5NhgA&sigh=Ucd8GPwg87I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_4bKZKjJmxmQcRgSVJo0I5iwmHqK5F6bHhQuZ3GGZOlTb5my9P_FVte-kgaoYn-NPxCKNA7U2CpgkjtJgOXhXcWZI_LFHg90WhmEYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6251d7dc99395a4d0000000000000000%22,%222%22:%220xb75e632b00885e200000000000000000%22,%223%22:%220xe655aa2401b838260000000000000000%22,%224%22:%220xccde2adafa8841960000000000000000%22,%225%22:%220x2ee29eaf118f5edb0000000000000000%22},%22debug_key%22:%2215146693697646128500%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211288008223%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224049461014531398977%22}&andc=true

107 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
machine.panturapost.com/ 53 KB
9 KB 122ms
33ms Document
text/html 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 5ac5bf6fdce105686259ff5fdedd2473054aa14ff3cb548cf01006f1154916ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-length: 9443
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 00:15:03 GMT
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 342ms
95ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5868682092011596

Requested by

Host: machine.panturapost.com
URL: https://machine.panturapost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07c3d48bcd1c127a5b4c7f17d9b8edf89b0fa180e80760d98b437afac56b8785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://machine.panturapost.com/
Origin: https://machine.panturapost.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51117
x-xss-protection: 0
server: cafe
etag: 11986937679257689575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 24 Jan 2024 00:15:04 GMT

GET
H2 200 style.min.css
machine.panturapost.com/wp-includes/css/dist/block-library/ 107 KB
13 KB 204ms
199ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Tue, 16 Jan 2024 08:19:27 GMT
server: LiteSpeed
etag: "1add3-65a63c0f-88ef98;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13280
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 44 KB
3 KB 339ms
93ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C400italic%2C300%7CPoppins%3A300%2C400%2C500%2C600%2C700%7CMontserrat%3A300%2C300i%2C400%2C800%2C800i%7CLato%3A300%2C400%2C700%2C900&ver=6.4.2

Requested by

Host: machine.panturapost.com
URL: https://machine.panturapost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5ef68fc524c24f225e41ed4c00faa0b6596bc50518ccead61893d1d2f1ac177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 00:14:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 00:15:04 GMT

GET
H2 200 jquery.mCustomScrollbar.min.css
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/ 42 KB
4 KB 204ms
200ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.min.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "a757-65ae9084-8919da;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3744
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 style.css
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/elegant_font/HTML-CSS/ 26 KB
4 KB 241ms
237ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/elegant_font/HTML-CSS/style.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: e9ff3997fd1824b230d5036b291ec38f1ad0dddc91ace74c95bff332a9078339

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "671c-65ae9084-8919ba;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4275
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 lightslider.css
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/lightslider/ 8 KB
2 KB 241ms
238ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 0af2c245fcba2be84c64cf74beedd0cddab8c67ceab288ad091cc429a49a65e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "2145-65ae9084-8919d6;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1512
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 font-awesome.min.css
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/font-awesome/css/ 30 KB
7 KB 241ms
238ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "791c-65ae9084-8919bb;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6648
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 animate.css
machine.panturapost.com/wp-content/themes/vmagazine/assets/css/ 74 KB
4 KB 242ms
239ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/css/animate.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 8621f34021150dff10ae76033fbab2e1e4c9c0840cb0162213425a4b42d2ef54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "128bb-65ae9084-891988;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4087
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 prettyPhoto.css
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/prettyPhoto/css/ 20 KB
3 KB 242ms
239ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/prettyPhoto/css/prettyPhoto.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: cb444ba3d0eb341ae27ff4e550228e184ac89b72da014d46e4f252d81ec26c86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "4e59-65ae9084-8919db;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2551
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 slick.css
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/slick/ 2 KB
559 B 243ms
240ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/slick/slick.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "767-65ae9084-891a09;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 493
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 slick-theme.css
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/slick/ 3 KB
839 B 243ms
240ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/slick/slick-theme.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "d15-65ae9084-891a08;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 773
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 keyboard.css
machine.panturapost.com/wp-content/themes/vmagazine/assets/css/ 43 KB
4 KB 299ms
297ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/css/keyboard.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 7e1494d864c525a652b3179defb60ae4f7c7f1c2841dd75592e82b66e6dad6c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "ab48-65ae9084-89198c;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4408
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 style.css
machine.panturapost.com/wp-content/themes/vmagazine/ 523 KB
48 KB 299ms
297ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/style.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 9994a66dc75b6f05ec34a792715b5d0ff062bbb728cbe786529df1ed3f080545

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "82abc-65ae9084-891a6f;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49547
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 responsive.css
machine.panturapost.com/wp-content/themes/vmagazine/assets/css/ 237 KB
22 KB 381ms
379ms Stylesheet
text/css 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/css/responsive.css?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 5c4a0551cf12f0ed16c247949a10cfc4fbff26aaa8c83708ab9790656c3dbd1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:03 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "3b548-65ae9084-89198d;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22210
expires: Wed, 31 Jan 2024 00:15:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 336ms
93ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&ver=6.4.2

Requested by

Host: machine.panturapost.com
URL: https://machine.panturapost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 00:12:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 00:15:04 GMT

GET
H2 200 jquery.min.js Show response
machine.panturapost.com/wp-includes/js/jquery/ 86 KB
29 KB 414ms
412ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Tue, 16 Jan 2024 08:19:27 GMT
server: LiteSpeed
etag: "15601-65a63c0f-88eb62;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 29597
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H2 200 jquery-migrate.min.js Show response
machine.panturapost.com/wp-includes/js/jquery/ 13 KB
5 KB 444ms
443ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Tue, 16 Jan 2024 08:19:27 GMT
server: LiteSpeed
etag: "3509-65a63c0f-88eb68;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4679
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H2 200 motorcycle-insurance-florida-400x340.jpg
machine.panturapost.com/wp-content/uploads/2024/01/ 34 KB
34 KB 445ms
444ms Image
image/jpeg 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://machine.panturapost.com/wp-content/uploads/2024/01/motorcycle-insurance-florida-400x340.jpg
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 58eb45ecdd4e20fb42c251bfcd74ca110fcea81e8a4b9efad659f580ba99d46b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Tue, 23 Jan 2024 01:12:21 GMT
server: LiteSpeed
etag: "86e5-65af1275-8887d0;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 34533
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H2 200 advantages-and-disadvantages-of-cloud-storage-400x340.jpg
machine.panturapost.com/wp-content/uploads/2024/01/ 26 KB
26 KB 531ms
530ms Image
image/jpeg 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://machine.panturapost.com/wp-content/uploads/2024/01/advantages-and-disadvantages-of-cloud-storage-400x340.jpg
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 7338ff8f3c520adee10e781dd2b9916dfa2213e751d2d53d02522d30a91a19c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Tue, 23 Jan 2024 01:09:20 GMT
server: LiteSpeed
etag: "6711-65af11c0-8887b7;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 26385
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 sports-car-insurance-400x340.jpg
machine.panturapost.com/wp-content/uploads/2024/01/ 16 KB
16 KB 104ms
103ms Image
image/jpeg 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://machine.panturapost.com/wp-content/uploads/2024/01/sports-car-insurance-400x340.jpg
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 6e2be5c45726886d23692d9d4d5b3175df8810078d04e78d77f766afb3dfa0a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Tue, 23 Jan 2024 01:02:02 GMT
server: LiteSpeed
etag: "3ff6-65af100a-888793;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 16374
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 do-earbuds-make-your-hearing-worse-400x340.jpg
machine.panturapost.com/wp-content/uploads/2024/01/ 13 KB
13 KB 115ms
111ms Image
image/jpeg 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://machine.panturapost.com/wp-content/uploads/2024/01/do-earbuds-make-your-hearing-worse-400x340.jpg
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 4f522acb398a29f957c848d3d360260a878a7dcbd16d7f5db68e839d06ee99f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Mon, 22 Jan 2024 18:05:57 GMT
server: LiteSpeed
etag: "35a4-65aeae85-891b7f;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13732
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 does-apple-make-earbuds-for-small-ears-400x340.jpg
machine.panturapost.com/wp-content/uploads/2024/01/ 18 KB
18 KB 315ms
311ms Image
image/jpeg 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://machine.panturapost.com/wp-content/uploads/2024/01/does-apple-make-earbuds-for-small-ears-400x340.jpg
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 2415a563a46c864d074d31c46cb22be6fda7fe19e1a5e8707940ddb395166be0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Mon, 22 Jan 2024 18:02:50 GMT
server: LiteSpeed
etag: "4836-65aeadca-891b70;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18486
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 motorcycle-insurance-in-california-400x340.jpg
machine.panturapost.com/wp-content/uploads/2024/01/ 24 KB
24 KB 294ms
291ms Image
image/jpeg 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://machine.panturapost.com/wp-content/uploads/2024/01/motorcycle-insurance-in-california-400x340.jpg
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 3c33a763402038c3b613231daafede3a7031bd537bd627d75e1be18d1fc8f817

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Mon, 22 Jan 2024 17:57:03 GMT
server: LiteSpeed
etag: "6025-65aeac6f-891b67;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 24613
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 how-to-test-earbud-mic-400x340.jpg
machine.panturapost.com/wp-content/uploads/2024/01/ 16 KB
16 KB 326ms
324ms Image
image/jpeg 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://machine.panturapost.com/wp-content/uploads/2024/01/how-to-test-earbud-mic-400x340.jpg
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 749e5ca717827cb3bd4f4ffbba3e423dc060486a8b333d3fe3137bc1b25b2729

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Mon, 22 Jan 2024 17:53:59 GMT
server: LiteSpeed
etag: "4063-65aeabb7-891b57;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 16483
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 how-to-make-my-left-earbud-louder-400x340.jpg
machine.panturapost.com/wp-content/uploads/2024/01/ 22 KB
22 KB 328ms
325ms Image
image/jpeg 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://machine.panturapost.com/wp-content/uploads/2024/01/how-to-make-my-left-earbud-louder-400x340.jpg
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: bf2eb7a1815b1d8c1396763554ce83c70c5a59d618e3fb44822c1e25f4a1f839

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Mon, 22 Jan 2024 17:47:31 GMT
server: LiteSpeed
etag: "588f-65aeaa33-891b4c;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22671
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 what-is-a-credit-score-range-400x340.jpg
machine.panturapost.com/wp-content/uploads/2024/01/ 26 KB
26 KB 328ms
326ms Image
image/jpeg 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://machine.panturapost.com/wp-content/uploads/2024/01/what-is-a-credit-score-range-400x340.jpg
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 253b20dd0909cbfba352272e6d57aba0aa7c717f0b7df9633823f2f9f049aeab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Mon, 22 Jan 2024 17:44:03 GMT
server: LiteSpeed
etag: "66aa-65aea963-891b3d;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 26282
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 is-it-safe-to-wear-earbuds-400x340.jpg
machine.panturapost.com/wp-content/uploads/2024/01/ 18 KB
18 KB 336ms
334ms Image
image/jpeg 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://machine.panturapost.com/wp-content/uploads/2024/01/is-it-safe-to-wear-earbuds-400x340.jpg
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 1ebc6bbb68855d057078e3b7b2848b525ce900e0512507e0a76d43ad524da314

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Mon, 22 Jan 2024 17:38:44 GMT
server: LiteSpeed
etag: "4845-65aea824-891b29;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18501
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 jquery.lazy.min.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/lazy-load/ 5 KB
2 KB 265ms
261ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/lazy-load/jquery.lazy.min.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 0192777d238a25bd733dcbf1e16096129fe0015a9220a04ba1baca322000cfe8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "139f-65ae9084-8919c4;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2205
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 jquery.mCustomScrollbar.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/ 93 KB
21 KB 265ms
261ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 72f572c5dd07fac37e4163060402399196415573f52a70526f0e8a848bf1cff3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "174ae-65ae9084-8919d9;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 21210
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 jquery.fitvids.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/js/ 3 KB
1 KB 267ms
263ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/js/jquery.fitvids.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 64e9efa2008c5bd0973816eee4eaaf03a2b02f7a1b2f4317318f8711676fa01f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "d6d-65ae9084-8919aa;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1170
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 navigation.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/js/ 3 KB
1018 B 268ms
264ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/js/navigation.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 28da7cecad28461418089f8aa61188365dd9935932004e6d35f24b729d637ebd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "c11-65ae9084-8919ac;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 974
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 skip-link-focus-fix.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/js/ 732 B
397 B 268ms
265ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/js/skip-link-focus-fix.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 11568a1a7f4ac4e0430f69d6f8a3d47fe874c9d10db8bc24975d28b6745a1e67

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "2dc-65ae9084-8919ad;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 353
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 lightslider.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/lightslider/ 49 KB
7 KB 269ms
265ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: fe1f0da2dae044b6dc164d445ff5f64071143a10b007ccf1a0cca155bbb884bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "c326-65ae9084-8919d7;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6951
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 wow.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/js/ 16 KB
3 KB 271ms
267ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/js/wow.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 9ab5f1868d663b2fcf356058bfabd23a9a428f29d226fa5ac93cc3269775e01c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "3ec2-65ae9084-8919af;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3362
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 jquery.prettyPhoto.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/prettyPhoto/js/ 21 KB
5 KB 271ms
267ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/prettyPhoto/js/jquery.prettyPhoto.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: b649d54062bfbf69d736f62f09317785091dc9a17abffa380289f55f92f4e8db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "5408-65ae9084-891a02;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5555
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 iframe-api.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/js/ 746 B
410 B 271ms
268ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 4e20b50061dbc5b7e11a57354561f02e99b0e2a973cfb01f32343780d0e55e59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "2ea-65ae9084-8919a9;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 366
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 theia-sticky-sidebar.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/ 16 KB
3 KB 271ms
268ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 12a858bafa70df1cb8457f92b0c7663cff6d9121e2e58606596dd3cb21cd70a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "3e07-65ae9084-891a0b;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3254
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 slick.min.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/slick/ 42 KB
10 KB 273ms
270ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/slick/slick.min.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "a770-65ae9084-891a0a;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 10003
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H3 200 vmagazine-custom.js Show response
machine.panturapost.com/wp-content/themes/vmagazine/assets/js/ 37 KB
6 KB 279ms
276ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/js/vmagazine-custom.js?ver=1.1.8
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 5ea0008cb1650dc71a6c3bda07e5ef8847374e46601d6ffd2a42ee66c7e7d3e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "9337-65ae9084-8919ae;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5589
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
BLOB 200
OK bf48aa04-8845-44d6-ab63-342dc784f8b4
https://machine.panturapost.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://machine.panturapost.com/bf48aa04-8845-44d6-ab63-342dc784f8b4
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/ 403 KB
137 KB 267ms
132ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080602

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5868682092011596

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e9bf980ccf0f76af08b7c4a9b91b5e09dc6fa77c0e5493dd13262618e063e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139757
x-xss-protection: 0
server: cafe
etag: 10129541760958761945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 00:15:04 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame EB32 9 KB
5 KB 240ms
81ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5868682092011596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://machine.panturapost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 00:13:07 GMT
etag: 3890843268177463596
expires: Wed, 07 Feb 2024 00:13:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 218ms
83ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C400italic%2C300%7CPoppins%3A300%2C400%2C500%2C600%2C700%7CMontserrat%3A300%2C300i%2C400%2C800%2C800i%7CLato%3A300%2C400%2C700%2C900&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://machine.panturapost.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 15:56:19 GMT
x-content-type-options: nosniff
age: 29925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 15:56:19 GMT

GET
H3 200 fontawesome-webfont.woff2
machine.panturapost.com/wp-content/themes/vmagazine/assets/library/font-awesome/fonts/ 75 KB
75 KB 99ms
98ms Font
font/woff2 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8
Origin: https://machine.panturapost.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
last-modified: Mon, 22 Jan 2024 15:57:56 GMT
server: LiteSpeed
etag: "12d68-65ae9084-8919c0;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 77160
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 272ms
138ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://machine.panturapost.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 09:04:56 GMT
x-content-type-options: nosniff
age: 54608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 09:04:56 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 199ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: machine.panturapost.com
URL: https://machine.panturapost.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7149782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1046
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6AIWWZ3N1QHDaS%2FOJ8n%2BnJdETwngS3Hkxpq0iXZw6I7BzTXkVV%2FyD5Nv53mL5FVizfG5r4QMjaq%2F8oZ%2FIre%2FEikZ8lYnglpAUayDyAj8VJwsVn7tQ%2FJSTbja4z5d3Xi2VAchrsP%2Fskduwx1Ui0%2BXm8y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84a414775a50c33d-EWR
expires: Mon, 13 Jan 2025 00:15:04 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfl9r3s0R/ 24 KB
9 KB 196ms
34ms Script
text/javascript 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl9r3s0R/www-widgetapi.js

Requested by

Host: machine.panturapost.com
URL: https://machine.panturapost.com/wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c61983e521712c88d0253a4b6aab750a63a9722b7efa9b8c2d4ba0e875990a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8763
x-xss-protection: 0
last-modified: Wed, 13 Jul 2016 18:57:42 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Jan 2024 16:13:14 GMT

GET
H3 200 wp-emoji-release.min.js Show response
machine.panturapost.com/wp-includes/js/ 18 KB
5 KB 121ms
120ms Script
application/x-javascript 45.76.227.116
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://machine.panturapost.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: machine.panturapost.com
URL: https://machine.panturapost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.76.227.116 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.227.116.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:04 GMT
content-encoding: br
last-modified: Tue, 16 Jan 2024 08:19:27 GMT
server: LiteSpeed
etag: "4904-65a63c0f-88eb71;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4611
expires: Wed, 31 Jan 2024 00:15:04 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8B2 550 KB
105 KB 1833ms
1832ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5868682092011596&output=html&adk=1812271804&adf=3025194257&lmt=1706055304&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fmachine.panturapost.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706055304351&bpp=64&bdt=454&idt=507&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5967820361084&frm=20&pv=2&ga_vid=140328581.1706055305&ga_sid=1706055305&ga_hid=63520438&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C42532524%2C95322434%2C31080602%2C44795552%2C95321627%2C95322163%2C21065725&oid=2&pvsid=789986830428740&tmod=2082391779&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=534

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebb7ffa9dc1ac9bd5b6e18dc92958f8d049d31c3b35414e8d749ef5327f01368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://machine.panturapost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 107635
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 00:15:06 GMT
expires: Wed, 24 Jan 2024 00:15:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/ 165 KB
56 KB 103ms
102ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/reactive_library_fy2021.js?bust=31080602

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080602

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0142f5966fadae75f578cce79bb47536ca3a8304694202f65087a578f7b330a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56994
x-xss-protection: 0
server: cafe
etag: 12241906981603470593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 00:15:06 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame F460 9 KB
4 KB 75ms
75ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080602

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://machine.panturapost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 01:51:39 GMT
etag: 3890843268177463596
expires: Tue, 06 Feb 2024 01:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 7910 9 KB
4 KB 67ms
66ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080602

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://machine.panturapost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 01:51:39 GMT
etag: 3890843268177463596
expires: Tue, 06 Feb 2024 01:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 06BD 9 KB
4 KB 79ms
78ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080602

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://machine.panturapost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 01:51:39 GMT
etag: 3890843268177463596
expires: Tue, 06 Feb 2024 01:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame F224 9 KB
4 KB 78ms
77ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080602

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://machine.panturapost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 01:51:39 GMT
etag: 3890843268177463596
expires: Tue, 06 Feb 2024 01:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F460 4 KB
767 B 28ms
27ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 00:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 23:22:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 00:15:07 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F460 205 B
293 B 87ms
24ms Image
image/png 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:14:06 GMT
x-content-type-options: nosniff
age: 61
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Jan 2025 00:14:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F460 604 B
1 KB 86ms
23ms Image
image/png 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:48:48 GMT
x-content-type-options: nosniff
age: 1579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Jan 2025 23:48:48 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame F460 16 KB
7 KB 91ms
28ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 06:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
server: cafe
etag: 16407976921096022632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 06:06:49 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame F460 22 KB
10 KB 87ms
25ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 06:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9462
x-xss-protection: 0
server: cafe
etag: 4236850132385514013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 06:05:40 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 7910 23 KB
9 KB 108ms
55ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:51:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9164 143 B
166 B 33ms
32ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 23:37:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7910 3 KB
1 KB 108ms
58ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:08:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7910 20 KB
8 KB 89ms
38ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:51:47 GMT

GET
H2 200 452250696235178878
tpc.googlesyndication.com/simgad/ Frame 7910 26 KB
27 KB 108ms
58ms Image
image/jpeg 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/452250696235178878?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql84L7qA12TY1zozBAbu4y5NAVkkg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5ba832b54769f232bdce515f3d66cdc69c8b873874e558cccf342cf841196f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:25:34 GMT
x-content-type-options: nosniff
age: 2973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26834
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 18:56:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Jan 2025 23:25:34 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7910 205 KB
65 KB 275ms
220ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 00:15:07 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7910 36 KB
15 KB 133ms
83ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14823
x-xss-protection: 0
server: cafe
etag: 5840398140224802838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:51:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F224 4 KB
655 B 37ms
37ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 00:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 00:08:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 00:15:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F224 2 KB
902 B 70ms
65ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:55:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame F224 23 KB
9 KB 69ms
66ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:51:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F224 3 KB
1 KB 70ms
67ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:08:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F224 20 KB
8 KB 66ms
64ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:51:47 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F224 205 KB
65 KB 235ms
232ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 00:15:07 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame F224 37 KB
15 KB 28ms
25ms Script
text/javascript 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 05:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 05:29:58 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/14914741559343391870/ Frame F224 21 KB
22 KB 69ms
68ms Image
image/jpeg 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14914741559343391870/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a698d74bd1f83ffc5be31c3b3411933662ca63b03d657e0a35442628e8f3cd20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 22:52:25 GMT
date: Tue, 23 Jan 2024 22:52:25 GMT
x-content-type-options: nosniff
age: 4962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21889
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 21:02:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 18369786356095416101
tpc.googlesyndication.com/simgad/ Frame F224 4 KB
4 KB 81ms
80ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18369786356095416101?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf42ba8858dd09c4d9dd56206bb42435a99ab53b7c539b2302c86dcd192de209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 12:39:19 GMT
date: Tue, 23 Jan 2024 12:39:19 GMT
x-content-type-options: nosniff
age: 41748
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3603
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 19:03:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame FB06 13 KB
13 KB 107ms
46ms Font
application/octet-stream 2607:f8b0:4004:c07::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:23:25 GMT
age: 3102
x-guploader-uploadid: ABPtcPovSEvCEmA0B0LaokVDOc-ywLA3TXgIs0Jc6Lu2d0OkqAHIT-J6yeERP5uQoShgoyYAFgg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Wed, 24 Jan 2024 00:23:25 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame FB06 12 KB
13 KB 105ms
45ms Font
application/octet-stream 2607:f8b0:4004:c07::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:30:31 GMT
age: 2676
x-guploader-uploadid: ABPtcPqNEEwHXGq0ZK0h3CXPC3znF7wwb8lfyIuW6DWBr05wtkUGsc1jrnTSP4CazUscVzaDW9E
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Wed, 24 Jan 2024 00:30:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8C24 14 KB
1 KB 104ms
104ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 00:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 00:09:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 00:15:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8C24 2 KB
856 B 83ms
82ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:55:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 8C24 23 KB
9 KB 83ms
82ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:51:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2FCC 143 B
166 B 150ms
150ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 23:37:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8C24 3 KB
1 KB 83ms
81ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:08:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8C24 20 KB
8 KB 82ms
81ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:51:47 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C24 205 KB
65 KB 369ms
368ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 00:15:07 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 8C24 37 KB
15 KB 93ms
93ms Script
text/javascript 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 05:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 05:29:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9164
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
24ms

Document
text/html

2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 00:15:07 GMT
expires: Wed, 24 Jan 2024 00:15:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 00:15:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F224 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6038dc473cb1518d33e441277931af55dca02d55b4f315d2afd7796a18e5716d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2FCC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
31ms

Document
text/html

2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 00:15:07 GMT
expires: Wed, 24 Jan 2024 00:15:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 00:15:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7910 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fe575faa51baf33fae24bac092a36811a0edf6061238bc64fc4173a7f0bb21f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F224 15 KB
16 KB 18ms
17ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 04:18:33 GMT
x-content-type-options: nosniff
age: 71794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 04:18:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F224 15 KB
15 KB 53ms
53ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:05:34 GMT
x-content-type-options: nosniff
age: 50973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 10:05:34 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame D33D 50 KB
19 KB 16ms
16ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 11:35:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 11:35:05 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7910
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C68ytilawZcepCcmljvQPv7iSuAOdxZjBdaHmla2-EvaYwpiPDhABIPeDzDdgycapi8Ck2A-gAeGmj9woyAECqAMByAPJBKoEiwJP0Ib9fyhvYllei7l5vvhN8vOnJlvuy_gtr3wHWRwQyYS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x24ca42cfd8671c0a0000000000000000%22,%222%22:%220xeac0b77fb5b5844a0000000000000000%22,%223%22:%220xa1dfb1...

0
0

210ms
172ms

Fetch
text/css

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x24ca42cfd8671c0a0000000000000000%22,%222%22:%220xeac0b77fb5b5844a0000000000000000%22,%223%22:%220xa1dfb12a7c1220110000000000000000%22,%224%22:%220xd9eca12ff2ab47fd0000000000000000%22,%225%22:%220x705b31344fa32a50000000000000000%22},%22debug_key%22:%221898740819830240330%22,%22debug_reporting%22:true,%22destination%22:%22https://improvedexperiences.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210930606945%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225361630411694935873%22}&andc=true

Requested by

Host: machine.panturapost.com
URL: https://machine.panturapost.com/

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:07 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x24ca42cfd8671c0a0000000000000000","2":"0xeac0b77fb5b5844a0000000000000000","3":"0xa1dfb12a7c1220110000000000000000","4":"0xd9eca12ff2ab47fd0000000000000000","5":"0x705b31344fa32a50000000000000000"},"debug_key":"1898740819830240330","debug_reporting":true,"destination":"https://improvedexperiences.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10930606945"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"5361630411694935873"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Jan 2024 00:15:07 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 Jan 2024 00:15:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x24ca42cfd8671c0a0000000000000000","2":"0xeac0b77fb5b5844a0000000000000000","3":"0xa1dfb12a7c1220110000000000000000","4":"0xd9eca12ff2ab47fd0000000000000000","5":"0x705b31344fa32a50000000000000000"},"debug_key":"1898740819830240330","debug_reporting":true,"destination":"https://improvedexperiences.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10930606945"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"5361630411694935873"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F224
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C68RSilawZcmpCcmljvQPv7iSuAPcxt-tdbKRx9X4Eaf6qYesQRABIPeDzDdgycapi8Ck2A-gAZ-sxYYqyAEJqQKCrS7YQCuyPqgDAcgDywSqBJMCT9AE3ml9Hal_eyYLI1xZ9gdvf7CAAY6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6251d7dc99395a4d0000000000000000%22,%222%22:%220xb75e632b00885e200000000000000000%22,%223%22:%220xe655aa...

0
0

171ms
170ms

Fetch
text/css

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6251d7dc99395a4d0000000000000000%22,%222%22:%220xb75e632b00885e200000000000000000%22,%223%22:%220xe655aa2401b838260000000000000000%22,%224%22:%220xccde2adafa8841960000000000000000%22,%225%22:%220x2ee29eaf118f5edb0000000000000000%22},%22debug_key%22:%2215146693697646128500%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211288008223%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224049461014531398977%22}&andc=true

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:07 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x6251d7dc99395a4d0000000000000000","2":"0xb75e632b00885e200000000000000000","3":"0xe655aa2401b838260000000000000000","4":"0xccde2adafa8841960000000000000000","5":"0x2ee29eaf118f5edb0000000000000000"},"debug_key":"15146693697646128500","debug_reporting":true,"destination":"https://aldiscover.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11288008223"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"4049461014531398977"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Jan 2024 00:15:07 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 Jan 2024 00:15:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6251d7dc99395a4d0000000000000000","2":"0xb75e632b00885e200000000000000000","3":"0xe655aa2401b838260000000000000000","4":"0xccde2adafa8841960000000000000000","5":"0x2ee29eaf118f5edb0000000000000000"},"debug_key":"15146693697646128500","debug_reporting":true,"destination":"https://aldiscover.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11288008223"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"4049461014531398977"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9796 50 KB
19 KB 15ms
15ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: machine.panturapost.com
URL: https://machine.panturapost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 11:35:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 11:35:05 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 126ms
86ms Preflight
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 00:15:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 41ms
41ms XHR
application/json 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dfdd0d86f0a3a83b28744bb15c672b720e2c198c810f14b678385c70a3bd6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12095
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A1E 50 KB
19 KB 14ms
14ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: machine.panturapost.com
URL: https://machine.panturapost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 11:35:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 11:35:05 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 84ms
84ms Preflight
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 00:15:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080602

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 00:15:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4706 13 KB
5 KB 20ms
20ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://machine.panturapost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 25251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 17:14:16 GMT
expires: Wed, 22 Jan 2025 17:14:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1768 829 B
559 B 32ms
32ms Document
text/html 2607:f8b0:4004:c1b::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8728d8d804c208709b06285efc3a2b4a261104eb4d1f66630d74f7df282b972a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PM0vIqiV3ZckyiAq-Pg2aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://machine.panturapost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PM0vIqiV3ZckyiAq-Pg2aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 00:15:07 GMT
expires: Wed, 24 Jan 2024 00:15:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4706 39 KB
15 KB 24ms
23ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 22:13:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1768 0
0 34ms
34ms Image
text/html 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=789986830428740&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4706 0
10 B 91ms
90ms Image
text/plain 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vznozQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:15:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 33ms
33ms Image
text/html 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=789986830428740&bg=!fn2lfTLNAAa8BdJLnAU7ADQBe5WfOO0hEoJoxOBL-rfIWHRxLDOu9MffCuqKlQBLRaE6P6DP4adPRK8m-dfiiqmOIBiUAgAAAEhSAAAABWgBB5kCvK1xsAYkhGrH0-WflhVrPco9xSFGm0wgyuBUGEPVEjznJngqAYe8RaY4Xj0vH_ioYbZaY_IgKOuXLljCAqRW0pk14J2K5GXIsfdwVytLLLZjEFThPqwqCP0gqeApz_UT-kNEeDIA1ux49a5bEVBkRGhKgrJwkSeYhU7t86yRhTqoqa0ahHUcfHqTr_cz8BRkxul7PCEdBkS0bzbYMPkaucCGnxOMZ7QinkBDun_DsrZkoqdMUbo6Lii8clc5f2OmOFRJH4hwMohHrjuHXX85XzoEOFomHEDiM0qLEuVYuutwA75c0fkibQ4ZP2gFLOAHdk-Cf5MBd1aI9AO7KkSf1PFbgnfCtgzsQMncoIbwYTvwWweudhPjtsrrWE6x3bRhrFzbNO6TF1HjRdf6vVGBysSNhQ49rmx6599TlG8Fnv4QlC_hHlu7syEtQXXMYwXReratQDKhgrUotto1UtWM723YuyJSHaUr0YkWJbqMjJMwTL8h_pBncnoDFfOKuC1rlpX0BrTQkEQbcMDr_KGvfgEdzFvFS2QV7qoImCQ56qTiNWpwGQgKMKPWpqhEPuV_mMRHM90ewufPITwbBzU9PzVSPQSdg_372CS4zXQLnQ-_AI7FkzXxzY-ZgK3UdyWgvwfEjh7K_FQ6FtDBhcmi7mn7PvjSc1jDAnYqSJ4QTw-25UhnwIi7IH4mcM2DfHBAr7RzBh8ZutLmkt9nLmJ1jjC3BtvB0yiZO0ALrciIe7RfjcO-lKpOZ_eIjtLu1cHLUxH9BBJ3SwT4s5_Wzbi1I48TmTCSCgFVo6N103RlEIDVt9EJWdp4t_RCp4u3cvzelbdTQEsa_KnD0KPLTdMzqyLcrgu7BOXwH6dB6bZ8V6Ceiwna4lRlWqymppUuWQUH0OaRluVB-9zNxHY0uuXD2ahmTkJVfa1C6NsnSaY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://machine.panturapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7910 42 B
64 B 78ms
78ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlSKSRD5CmhFdkNtATZeHzLncomA0FTk9bNc0E-6GUs46g5csAL0-qqeVZzGDrDpoDTGmy234mkEhCOzyoZzo7jdHc-qx4A0llRWGSFNUeuCS2U4WITyqR1x5JYGINyE_0DGXfkJ8B1NMUaFVClMQgyCip&sai=AMfl-YQ0QMlVjDu6mLUE0JdJ_YkydSK3xhLhpM3d_NtXJMMZLcxlIFwpWtvNELTzNVIQHenMuP_34i-Pwe0NrD4S4ZBb9_fzrC6SVesVzjQ92UFoLu7MkaBopgmkvEptBqhB0yqFR66R5TdMGZ8ojhHsAQ&sig=Cg0ArKJSzLq8au8wNR3AEAE&cid=CAQSTwAvHhf_4bKZKjJmxmQcRgSVJo0I5iwmHqK5F6bHhQuZ3GGZOlTb5my9P_FVte-kgaoYn-NPxCKNA7U2CpgkjtJgOXhXcWZI_LFHg90WhmEYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706055306967&rpt=486&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 00:15:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F224 42 B
64 B 31ms
31ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcBouW0u3tuK_3TlR0iUV7izZQcbBIH3Zy4R4HdarMhWCWc6s8SRlrNOV8RE1AoQmMOEvt86CQkLfuXIwqXkFe_Ax3x9gjJLpYJtbC2NvXoAhi9SqwabCUgPrrLekQ-YWSz3v9tBoR4Gfu3C0cEFRyi6B3&sai=AMfl-YR9g7B79YQeZGZkW64dXIDUbmLdJPjBPpGYiHp35odZNLH75mLILBhWChs-4Kg3j01zgmgeeZESBiqxWacQpwaNJVI45txLytvovkECMJn4eS6vfErro9jnYlXBPD0dXhmmLhq9WNlysCTykrIiOA&sig=Cg0ArKJSzBmr1mf4lghdEAE&cid=CAQSTwAvHhf_4bKZKjJmxmQcRgSVJo0I5iwmHqK5F6bHhQuZ3GGZOlTb5my9P_FVte-kgaoYn-NPxCKNA7U2CpgkjtJgOXhXcWZI_LFHg90WhmEYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=322,1000,1000,1000,1000&tos=322,678,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706055306974&rpt=602&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 00:15:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.panturapost.com/	1970-01-21 03:15:51	Name: __gads Value: ID=a506ad3e718da050:T=1706055306:RT=1706055306:S=ALNI_MbY5sebFQIctfNKuWYRH74IsiiRng
.panturapost.com/	1970-01-21 03:15:51	Name: __gpi Value: UID=00000db98fd7597a:T=1706055306:RT=1706055306:S=ALNI_MbgrWQpESYyx7Hz0DrtKp3BokCxaw
.doubleclick.net/	1970-01-20 17:54:18	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:30:15	Name: IDE Value: AHWqTUntbc5B0uFmB461BRwcyoANMWS7xY2vQgJwO5KYe6hUrPMScymB93G67LxcAQo
.googleadservices.com/	1970-01-20 20:03:51	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
machine.panturapost.com
pagead2.googlesyndication.com
s.ytimg.com
storage.googleapis.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
172.253.63.155
2606:4700::6811:190e
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c07::cf
2607:f8b0:4004:c08::71
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::84
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c1b::67
2607:f8b0:4004:c1b::9b
45.76.227.116
0142f5966fadae75f578cce79bb47536ca3a8304694202f65087a578f7b330a5
0192777d238a25bd733dcbf1e16096129fe0015a9220a04ba1baca322000cfe8
07c3d48bcd1c127a5b4c7f17d9b8edf89b0fa180e80760d98b437afac56b8785
0af2c245fcba2be84c64cf74beedd0cddab8c67ceab288ad091cc429a49a65e7
11568a1a7f4ac4e0430f69d6f8a3d47fe874c9d10db8bc24975d28b6745a1e67
12a858bafa70df1cb8457f92b0c7663cff6d9121e2e58606596dd3cb21cd70a9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ebc6bbb68855d057078e3b7b2848b525ce900e0512507e0a76d43ad524da314
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2415a563a46c864d074d31c46cb22be6fda7fe19e1a5e8707940ddb395166be0
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195
253b20dd0909cbfba352272e6d57aba0aa7c717f0b7df9633823f2f9f049aeab
28da7cecad28461418089f8aa61188365dd9935932004e6d35f24b729d637ebd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c61983e521712c88d0253a4b6aab750a63a9722b7efa9b8c2d4ba0e875990a2
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
3c33a763402038c3b613231daafede3a7031bd537bd627d75e1be18d1fc8f817
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e20b50061dbc5b7e11a57354561f02e99b0e2a973cfb01f32343780d0e55e59
4e9bf980ccf0f76af08b7c4a9b91b5e09dc6fa77c0e5493dd13262618e063e26
4f522acb398a29f957c848d3d360260a878a7dcbd16d7f5db68e839d06ee99f8
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
58eb45ecdd4e20fb42c251bfcd74ca110fcea81e8a4b9efad659f580ba99d46b
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6
5ac5bf6fdce105686259ff5fdedd2473054aa14ff3cb548cf01006f1154916ec
5c4a0551cf12f0ed16c247949a10cfc4fbff26aaa8c83708ab9790656c3dbd1d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ea0008cb1650dc71a6c3bda07e5ef8847374e46601d6ffd2a42ee66c7e7d3e3
5fe575faa51baf33fae24bac092a36811a0edf6061238bc64fc4173a7f0bb21f
6038dc473cb1518d33e441277931af55dca02d55b4f315d2afd7796a18e5716d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64e9efa2008c5bd0973816eee4eaaf03a2b02f7a1b2f4317318f8711676fa01f
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6dfdd0d86f0a3a83b28744bb15c672b720e2c198c810f14b678385c70a3bd6de
6e2be5c45726886d23692d9d4d5b3175df8810078d04e78d77f766afb3dfa0a7
72f572c5dd07fac37e4163060402399196415573f52a70526f0e8a848bf1cff3
7338ff8f3c520adee10e781dd2b9916dfa2213e751d2d53d02522d30a91a19c0
749e5ca717827cb3bd4f4ffbba3e423dc060486a8b333d3fe3137bc1b25b2729
7e1494d864c525a652b3179defb60ae4f7c7f1c2841dd75592e82b66e6dad6c7
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
8621f34021150dff10ae76033fbab2e1e4c9c0840cb0162213425a4b42d2ef54
8728d8d804c208709b06285efc3a2b4a261104eb4d1f66630d74f7df282b972a
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
9994a66dc75b6f05ec34a792715b5d0ff062bbb728cbe786529df1ed3f080545
9ab5f1868d663b2fcf356058bfabd23a9a428f29d226fa5ac93cc3269775e01c
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a698d74bd1f83ffc5be31c3b3411933662ca63b03d657e0a35442628e8f3cd20
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b649d54062bfbf69d736f62f09317785091dc9a17abffa380289f55f92f4e8db
bf2eb7a1815b1d8c1396763554ce83c70c5a59d618e3fb44822c1e25f4a1f839
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb444ba3d0eb341ae27ff4e550228e184ac89b72da014d46e4f252d81ec26c86
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf42ba8858dd09c4d9dd56206bb42435a99ab53b7c539b2302c86dcd192de209
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
d5ef68fc524c24f225e41ed4c00faa0b6596bc50518ccead61893d1d2f1ac177
d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ba832b54769f232bdce515f3d66cdc69c8b873874e558cccf342cf841196f3
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e9ff3997fd1824b230d5036b291ec38f1ad0dddc91ace74c95bff332a9078339
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
ebb7ffa9dc1ac9bd5b6e18dc92958f8d049d31c3b35414e8d749ef5327f01368
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe1f0da2dae044b6dc164d445ff5f64071143a10b007ccf1a0cca155bbb884bf

machine.panturapost.com Open in urlscan Pro 45.76.227.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

107 Requests

97 %HTTPS

85 %IPv6

10 Domains

13 Subdomains

14 IPs

1 Countries

1463 kBTransfer

4560 kBSize

5 Cookies

1 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

machine.panturapost.com Open in urlscan Pro
45.76.227.116 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

97 %
HTTPS

85 %
IPv6

10
Domains

13
Subdomains

14
IPs

1
Countries

1463 kB
Transfer

4560 kB
Size

5
Cookies

107 HTTP transactions
2 data transactions