wingwah.fi Open in urlscan Pro
97.79.236.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
Effective URL:
https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
Submission: On November 14 via api (November 14th 2023, 4:11:00 pm UTC) from US — Scanned from US

Summary HTTP 104 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 21 domains to perform 104 HTTP transactions. The main IP is 97.79.236.49, located in Dallas, United States and belongs to TWC-11427-TEXAS, US. The main domain is wingwah.fi.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 16th 2023. Valid for: 3 months.

This is the only time wingwah.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	97.79.236.49 97.79.236.49	11427 (TWC-11427...) (TWC-11427-TEXAS)
30	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
3	66.84.29.14 66.84.29.14	11989 (WEBINT) (WEBINT)
2 8	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
4 9	103.66.86.91 103.66.86.91	142376 (IDNIC-BUK...) (IDNIC-BUKUKU-AS-ID PT Bukuku Solusi Kreatif)
2	2607:f8b0:400... 2607:f8b0:4006:806::200a	15169 (GOOGLE) (GOOGLE)
19	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.222.67.46 3.222.67.46	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
13	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
4 4	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
2 2	18.233.115.175 18.233.115.175	14618 (AMAZON-AES) (AMAZON-AES)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
4	172.217.165.130 172.217.165.130	15169 (GOOGLE) (GOOGLE)
2 2	184.86.146.172 184.86.146.172	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a02:a344:818b:7db4:692b	14618 (AMAZON-AES) (AMAZON-AES)
104	16

6 97.79.236.49 (Dallas, United States) 1 redirects

ASN11427 (TWC-11427-TEXAS, US)
PTR: gvo23649.gvodatacenter.com

www.wingwah.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wingwah.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.84.29.14 (United States)

ASN11989 (WEBINT, US)
PTR: vmcp124.myhostcenter.com

pontiarmada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:807::2002 (United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 103.66.86.91 (Indonesia) 4 redirects

ASN142376 (IDNIC-BUKUKU-AS-ID PT Bukuku Solusi Kreatif, ID)
PTR: ironhide.idserverhost.com

komkatkaj.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.222.67.46 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-67-46.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.43 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.115.175 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-115-175.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.86.146.172 (Eden Prairie, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:a344:818b:7db4:692b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	807 KB
21	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	95 KB
9	komkatkaj.org 4 redirects komkatkaj.org	9 KB
6	wingwah.fi 1 redirects www.wingwah.fi wingwah.fi	42 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 599	3 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	98 KB
3	pontiarmada.com pontiarmada.com	4 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1767	2 KB
2	cognitivlabs.com 2 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1484	1 KB
2	adentifi.com 1 redirects rtb.adentifi.com — Cisco Umbrella Rank: 1218	555 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	127 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	715 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	553 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	537 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1397	719 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 7594	641 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1309	684 B
104	21

	Domain	Requested by
30	pagead2.googlesyndication.com	wingwah.fi pagead2.googlesyndication.com pontiarmada.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com pontiarmada.com
13	cm.g.doubleclick.net	googleads.g.doubleclick.net pontiarmada.com
9	komkatkaj.org	4 redirects pontiarmada.com
8	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
5	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
5	wingwah.fi	wingwah.fi
4	www.googleadservices.com	pontiarmada.com
4	c1.adform.net	4 redirects
3	pontiarmada.com	wingwah.fi pontiarmada.com
2	px.owneriq.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	beacon.lynx.cognitivlabs.com	2 redirects
2	rtb.adentifi.com	1 redirects googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	t.adx.opera.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	ums.acuityplatform.com	1 redirects
1	s.tribalfusion.com	pontiarmada.com
1	a.tribalfusion.com	1 redirects
1	www.wingwah.fi	1 redirects
104	26

This site contains links to these domains. Also see Links.

Domain
wpastra.com

Subject Issuer	Validity	Valid
wingwah.fi cPanel, Inc. Certification Authority	`2023-10-16` - `2024-01-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
pontiarmada.com cPanel, Inc. Certification Authority	`2023-10-05` - `2024-01-03`	3 months	crt.sh
komkatkaj.org cPanel, Inc. Certification Authority	`2023-09-02` - `2023-12-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
Frame ID: 9A85BDF3670375C2335973CE886618EE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 05CA2C372E2E17661AE062DED6086C24
Requests: 1 HTTP requests in this frame

Frame: https://pontiarmada.com/news/2023.html
Frame ID: 077065D4186DA6652892F30DE0E76C80
Requests: 1 HTTP requests in this frame

Frame: https://pontiarmada.com/news/2023.html
Frame ID: 6F2FB77B7A61219754DD5FC093C518A1
Requests: 8 HTTP requests in this frame

Frame: https://komkatkaj.org/info.html
Frame ID: C2FDD377BE41A4E9286F9DF1D692B0B8
Requests: 6 HTTP requests in this frame

Frame: https://pontiarmada.com/news/about.html
Frame ID: 2F67D34E5882F987BBD28C2D716834E6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3025194257&lmt=1699978255&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwingwah.fi%2Fwp-content%2Fplugins%2Felementor%2Fassets%2Fxii%2Flinkedin_%2Flogin.php%3Femail%3D%26redirect%3Dhttp&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255543&bpp=5&bdt=149&idt=221&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5612511993756&frm=20&pv=2&ga_vid=503435451.1699978256&ga_sid=1699978256&ga_hid=647299550&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=1944190936163036&tmod=434537542&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: C272A909DD8DD56A428265F0C8BCE5E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3279755396&plat=1%3A16777728%2C2%3A16777728%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwingwah.fi%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255737&bpp=10&bdt=96&idt=193&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&nras=1&correlator=334762032434&frm=24&ife=1&pv=2&ga_vid=571567283.1699978256&ga_sid=1699978256&ga_hid=1844738955&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=230747750&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C44806139%2C44807764%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=1859236805617545&tmod=715259656&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.60db7mteexfr&fsb=1&dtd=217
Frame ID: 28D413FF6A8AF7001AD0600275170EDE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3407270570&plat=1%3A16777728%2C2%3A16777728%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2F2023.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255824&bpp=5&bdt=145&idt=154&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&nras=1&correlator=334762032434&frm=24&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sdom21p0w5c8&fsb=1&dtd=178
Frame ID: 7076F01B46C684AFFE065EDB99FC5A2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=9200663831&adk=485043760&adf=1730582307&pi=t.ma~as.9200663831&w=1200&fwrn=16&fwrnh=100&lmt=1695647603&rafmt=1&format=1200x280&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2Fabout.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255829&bpp=2&bdt=150&idt=178&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=334762032434&frm=22&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4k6kutebpubb&fsb=1&dtd=186
Frame ID: 129908FD4E752D3743E403EB7E667703
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=8073961131&adk=1748549453&adf=2214622222&pi=t.ma~as.8073961131&w=1200&fwrn=16&fwrnh=100&lmt=1695647603&rafmt=1&format=1200x280&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2Fabout.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255831&bpp=1&bdt=152&idt=189&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&prev_fmts=0x0%2C1200x280&nras=1&correlator=334762032434&frm=22&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.8j98bnp29vbq&fsb=1&dtd=195
Frame ID: 136E7DD496DDC7DFF3A263ADB7AEB127
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6EFF1AEE6F108D6202AA7992367CAC25
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 780786296174191EEB7045D58E2C98C4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js
Frame ID: D8E411B694FAC5CDD95CC8ED702D0470
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js
Frame ID: 7BF7A2C78936F25798E802323A31A318
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB0E47B1DD6A54DA65DE701431F3E9EB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 62A8E7CDD790FCE82BB21F0E754A8FCE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02D6A9EEABE496EC9918602EFEE63C43
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA63456F6C0F502C2D9BFA1BD16AB703
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3DED51F1A34F626524D84CACE7168FA6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA55DF560715FB42069FC20DCFCE175E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sivua ei löydy – WingWah.fi

Page URL History Show full URLs

https://www.wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=... HTTP 301
https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

104
Requests

84 %
HTTPS

39 %
IPv6

21
Domains

26
Subdomains

16
IPs

5
Countries

1186 kB
Transfer

3237 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wpastra.com/
Title: Astra WordPress-teema

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http HTTP 301
https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFyj-8kx_S2oXahIe9n9NKQ&google_cver=1&google_push=AXcoOmS8ah-3INgsA6gaeFHd5wT8uW2ps6XDmiP4u7HgbtHGDL6-6UAqdTlOUPxGUQHNlneQTOpC4nJSJF9YLXo39scpqlj44JE1uti0yhWOi_FV33-05MWNYc0ax4i7VuEwSGvK4t21nQ20u2DD3p9GXw0LCfw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS8ah-3INgsA6gaeFHd5wT8uW2ps6XDmiP4u7HgbtHGDL6-6UAqdTlOUPxGUQHNlneQTOpC4nJSJF9YLXo39scpqlj44JE1uti0yhWOi_FV33-05MWNYc0ax4i7VuEwSGvK4t21nQ20u2DD3p9GXw0LCfw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFyj-8kx_S2oXahIe9n9NKQ&google_cver=1&google_push=AXcoOmS8ah-3INgsA6gaeFHd5wT8uW2ps6XDmiP4u7HgbtHGDL6-6UAqdTlOUPxGUQHNlneQTOpC4nJSJF9YLXo39scpqlj44JE1uti0yhWOi_FV33-05MWNYc0ax4i7VuEwSGvK4t21nQ20u2DD3p9GXw0LCfw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS8ah-3INgsA6gaeFHd5wT8uW2ps6XDmiP4u7HgbtHGDL6-6UAqdTlOUPxGUQHNlneQTOpC4nJSJF9YLXo39scpqlj44JE1uti0yhWOi_FV33-05MWNYc0ax4i7VuEwSGvK4t21nQ20u2DD3p9GXw0LCfw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 42

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEG4H4ASWk8NFx9ugy1so4YY&google_cver=1&google_push=AXcoOmQ-t6HJcyb2HTlpGloWAZ_CjM2sHtE8nKfccl9bAK8dnsFSGbUkbD29xnWbjhIdBBvjDf9d079FBqXwYE6N1dL5lA1c5_tf6fv61svS1ojf-Un3pvQX-R6bGzg1FwpbpuUWZAeIFNkKkUk_17UYd_pNCEo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=852419483827&us_privacy=1---

Request Chain 43

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKTDsZYmze4GBUlux4zRaCE&google_cver=1&google_push=AXcoOmTsnHmCyy7CO9QJIoa43its0JIwzpz48mlEtB4WTfgho2bJJJatntUDTdJUAndzCCr5XnaotPkCtyjXH94zncdMI5LjCgNqDhf-qS3J4yXOVNsZjfX0H6hqgpiZWPLHWcBPwJuYLsF7yf5Qtsb5YU6sSA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKTDsZYmze4GBUlux4zRaCE&google_cver=1&google_push=AXcoOmTsnHmCyy7CO9QJIoa43its0JIwzpz48mlEtB4WTfgho2bJJJatntUDTdJUAndzCCr5XnaotPkCtyjXH94zncdMI5LjCgNqDhf-qS3J4yXOVNsZjfX0H6hqgpiZWPLHWcBPwJuYLsF7yf5Qtsb5YU6sSA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMyOTc2NzEwMzA2MDk5ODU2Ng&google_push=AXcoOmTsnHmCyy7CO9QJIoa43its0JIwzpz48mlEtB4WTfgho2bJJJatntUDTdJUAndzCCr5XnaotPkCtyjXH94zncdMI5LjCgNqDhf-qS3J4yXOVNsZjfX0H6hqgpiZWPLHWcBPwJuYLsF7yf5Qtsb5YU6sSA

Request Chain 45

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEDl8ofdNnQUhIR0ZCLV9t2E&google_cver=1&google_push=AXcoOmTqRMX76XeqH0i_zjDlFgCM0YnEMmH7sXy_cJaUYruv8tAFfQlv6RWJEih-V18hKjqSXzh8JgV4fourkmZBteyY0J24jnCRdIfj4YqLqaQeQvf3oevJ0atY8dTQbEgFNyIvGe6WaqZP-kD1oGeaFbR-YDEi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=7cqz26JVqU-oPFu_eP0Etg&google_push=AXcoOmTqRMX76XeqH0i_zjDlFgCM0YnEMmH7sXy_cJaUYruv8tAFfQlv6RWJEih-V18hKjqSXzh8JgV4fourkmZBteyY0J24jnCRdIfj4YqLqaQeQvf3oevJ0atY8dTQbEgFNyIvGe6WaqZP-kD1oGeaFbR-YDEi

Request Chain 46

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSxRdAyGnuqvGMncKvR-PPz4Rp2Vf74XKSBC9xf2cVPkGfwyde9Asxvztg87sVeFAquVu3KP_wSdikX2nmteisFHX250xMhJFIa0J78p_RvwbpqPhEgETguC32vEMMporNYmjOxtRkCVRUGReePUzHUwiDt&google_gid=CAESEBYT8T4Q1L9yBKqNYF2QIJc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBYT8T4Q1L9yBKqNYF2QIJc&google_hm=T1BVNTBiNDlhZmJjN2VmNGNiMTg0MWJlMjQ1ZmJjOGMxMTE&google_nid=opera_norway_as&google_push=AXcoOmSxRdAyGnuqvGMncKvR-PPz4Rp2Vf74XKSBC9xf2cVPkGfwyde9Asxvztg87sVeFAquVu3KP_wSdikX2nmteisFHX250xMhJFIa0J78p_RvwbpqPhEgETguC32vEMMporNYmjOxtRkCVRUGReePUzHUwiDt

Request Chain 62

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqtz0EJxTZfzsArrLxtYP4--84AH6wM6adIuJ88eREvnOi7OiDhABINXo1EZgycapi8Ck2A-gAaX81JApyAEJqQK0T6tg4_uxPqgDAcgDywSqBJECT9Ax7ZxuA1tOIcjI7bCh0A-S-z--MSN-15U3A-ELGpQBlvcr0aGsGxp6kXeNDDS_S3SnnZmhEZ1D2swnDDv6rrlA4c4cPBbR8uqTsCNX5aKf8Q23fADBUyqswqq9VYgSScD0T3pmR56noSR1w4gRX6rdbj_2HgMs0Y8BnrqxaSdluy1lXyTrVEpysKQAQ_zVxff-XXtQvAPby40_8xUZ69gtFcpx4X3D8f3FoIJXXH7bmkmpgR2sVd_zbi5HjMXBZ-6vd7S0p8eeVSBQ1fz6NU0eHW_F2UaWO7hYyxYccKbnjQahf0dETje4gQI6tndRwa5YZZrMF309IopeVTk8Bpkn46nLVh8wMgB9cfq7ab9jwATR7rOuxgSIBZD1wMVMkgUECAQYAZIFBAgFGASgBi6AB6W0pfADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQqMKsAdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkbaHR0cHM6Ly90ZW1wb3NlYXJjaC5jb20vZHNygAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwRCgsQwIbG0-mZhrriARICAQPYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODg5MTMwMzc5NTY2ODA1NhgA&sigh=YfEa8izMj5A&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNQkYYNvAMgbIR4QlC-YMzD6A9VCaGhw0oLGTJYZkSoDpTTARyvGbon17poSWP8jDZH77djyYoGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xff3ac27a37ec5c960000000000000000%22,%222%22:%220xadea1710eb58d6ec0000000000000000%22,%223%22:%220x5dc81be34a12561a0000000000000000%22,%224%22:%220x4e1eec01cebe6cb60000000000000000%22,%225%22:%220xe41375f64440dbdc0000000000000000%22},%22debug_key%22:%227103973622987310454%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040800293%22],%224%22:[%2211-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228403000833651792785%22}&andc=true

Request Chain 64

https://px.owneriq.net/ecmg?google_gid=CAESEBL0f3n1-4dRbfa_676WePA&google_cver=1&google_push=AXcoOmR0m2qkXX1C4DMZOvPlfuM2UnDiSQeS4et9UV2U07LLi2sw2pQbMPIkuI5QvKTDN7NwkuQHB8ikeQnDB4oTGyHskMvlZkCVDRI HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmR0m2qkXX1C4DMZOvPlfuM2UnDiSQeS4et9UV2U07LLi2sw2pQbMPIkuI5QvKTDN7NwkuQHB8ikeQnDB4oTGyHskMvlZkCVDRI%26google_cver%3d1%26google_gid%3dCAESEBL0f3n1-4dRbfa_676WePA%26google_hm%3dUTc1MzI2NDY1NzE2NTk1MTQ1MTk%3d&uid=Q7532646571659514519&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR0m2qkXX1C4DMZOvPlfuM2UnDiSQeS4et9UV2U07LLi2sw2pQbMPIkuI5QvKTDN7NwkuQHB8ikeQnDB4oTGyHskMvlZkCVDRI&google_cver=1&google_gid=CAESEBL0f3n1-4dRbfa_676WePA&google_hm=UTc1MzI2NDY1NzE2NTk1MTQ1MTk=

Request Chain 65

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBIVQ7A0ckrw18iUnQMelUQ&google_cver=1&google_push=AXcoOmQTt7ev4wr_7fydrtmC5Nz15r2b6Za1qtm1VQk6VgNnOYshcNqtdUYVuIyVilFv4Mm6KUe0ulXBrFGREuaf5hrmCJP9e5sXEFY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBIVQ7A0ckrw18iUnQMelUQ&google_push=AXcoOmQTt7ev4wr_7fydrtmC5Nz15r2b6Za1qtm1VQk6VgNnOYshcNqtdUYVuIyVilFv4Mm6KUe0ulXBrFGREuaf5hrmCJP9e5sXEFY

Request Chain 66

https://ads.travelaudience.com/google_pixel?google_gid=CAESEESjHclTqKwTpi-onO2GRoA&google_cver=1&google_push=AXcoOmR-Tz32A9bwDHtN5GPoC2_FOlilUqUnunVWubOB_-8F5baPEW_dy7lrSEBu0cs-jKZN2uj69-KsVL9D_S0AqqwbDD8FTKl_JIM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ejz50wYkSyQVJXKLawfa1Q&google_push=AXcoOmR-Tz32A9bwDHtN5GPoC2_FOlilUqUnunVWubOB_-8F5baPEW_dy7lrSEBu0cs-jKZN2uj69-KsVL9D_S0AqqwbDD8FTKl_JIM

Request Chain 67

https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEEYYJl-tlnhWMDR2kiSqQX8&google_cver=1&google_push=AXcoOmS7rALN3AQor5DzKu7N0rB4vIOEW_gie87LAoFRMs7dYgRkiasX0Abl6L2G_gXOx4sMskImGh7mSLu8057NS81bGrBvnivbCS4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtheorent&google_hm=ZMG-4oMIEe6CJBIIF0Y8jw&google_push=AXcoOmS7rALN3AQor5DzKu7N0rB4vIOEW_gie87LAoFRMs7dYgRkiasX0Abl6L2G_gXOx4sMskImGh7mSLu8057NS81bGrBvnivbCS4&google_redir=https%3A%2F%2Frtb.adentifi.com%2FCookieSyncAdXCheck&google_ula=6802874232

Request Chain 68

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOP9ngFetjuqyNebzDUiRpg&google_cver=1&google_push=AXcoOmRtn8bXDUMlbDxU1ZNSscq5Wz9a2qf7JFjqVy8jC5Rkh3i7eMHkBgfiHvdCNj0UQGPCKv743hBM_z0q3xwND4nn8vqiP8IDyrs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtn8bXDUMlbDxU1ZNSscq5Wz9a2qf7JFjqVy8jC5Rkh3i7eMHkBgfiHvdCNj0UQGPCKv743hBM_z0q3xwND4nn8vqiP8IDyrs&google_hm=eS0yT3ZtMGlSRTJwRlBFeWV3cFlfQ3RSSWpaUVFsSVNZRX5B

Request Chain 69

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENWP6cu0MC7tTgXL3Z4t-vU&google_cver=1&google_push=AXcoOmSXjwclD9i3dZYLMEnd2wuaykx6qAzQbPz_zTOr1k7euJEuzfunMPIpp502GtvX4wCoKdmAYGAodF8sS7mw35RYm8Fy61axOLU HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENWP6cu0MC7tTgXL3Z4t-vU&google_cver=1&google_push=AXcoOmSXjwclD9i3dZYLMEnd2wuaykx6qAzQbPz_zTOr1k7euJEuzfunMPIpp502GtvX4wCoKdmAYGAodF8sS7mw35RYm8Fy61axOLU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY5MzIxNzkzMTIwMjkxMjczNA&google_push=AXcoOmSXjwclD9i3dZYLMEnd2wuaykx6qAzQbPz_zTOr1k7euJEuzfunMPIpp502GtvX4wCoKdmAYGAodF8sS7mw35RYm8Fy61axOLU

Request Chain 70

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEHKwTDuom-6nwpcBShGo0C4&google_cver=1&google_push=AXcoOmSdzOhgV8IFyYVJ8QmICamqAerx8EvFZJlu0ODLxAPciE8wAec9Fu3lnrua8eS1wYJU5P9_D4zgA8T6T7CVhi7_t-UDHTHBK50J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=7cqz26JVqU-oPFu_eP0Etg&google_push=AXcoOmSdzOhgV8IFyYVJ8QmICamqAerx8EvFZJlu0ODLxAPciE8wAec9Fu3lnrua8eS1wYJU5P9_D4zgA8T6T7CVhi7_t-UDHTHBK50J

Request Chain 74

https://googleads.g.doubleclick.net/pagead/adview?ai=CPr3QEJxTZb3OA63HxtYPj6GAuAujx4yHdPXtzrTwEcWIss2QDhABINXo1EZgycapi8Ck2A-gAbab37spyAEJqQJt9GkvxCt4PqgDAcgDywSqBIsCT9Bu70bPHQC4-uHagWsSeaiQdzy36Znaf39kZOURErdTRpQ33lMGGq4nDwjy_fmZMKEwXWA-IIXXU72ZXJ1KwJIBUIPYyIQEiq1TfIUuikvcp6LsR3tarACE-mSGA14bphZMTgeCvJTPpFWe1JiujgQ3OOdeZQJpoSBY4QncYe7xv3K92isMxydkVfCYjz08df-anGhJKJv3xl_-ui2Ezp9lskbc2bxDZAvwy-OU07uihoqMV959CXI17hI16ar2-TPudRAXUOGx3h4ANjWm2pVCQh9Oz1bwyTpsgI9RldwRe1twPib_243HLg5l97e3ZgO13rQfSMCRVMJ-Gikc6m7hzdCXnCAMyqAAwAT0sJHf0gSIBdOgiu5MkgUECAQYAZIFBAgFGASgBi6AB8qj5osFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ3Pop0ggUCIBhEAEYHzICigI6AoBASL39wTqaCbUBaHR0cHM6Ly91cy5naWxvb2suY29tL2RzP3E9Z3VhcmFudGVlZCUyMHRlcm0lMjBsaWZlJTIwaW5zdXJhbmNlJnJhYz1TZWFyY2glMjBmb3IlMjBndWFyYW50ZWVkJTIwdGVybSUyMGxpZmUlMjBpbnN1cmFuY2UmYXNpZD1naWxfY2hfYmFfMTM1Jm53PWQmZGU9YyZscGlkPTkwNjc2MDkmcHViPXBvbnRpYXJtYWRhLmNvbYAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLEOCmsJPUs9uonAESAgED2BMMiBQB0BUBgBcBshccChoIABIUcHViLTg4OTEzMDM3OTU2NjgwNTYYAA&sigh=R3QbCt_OfJk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNwCfGPe0IoU1jWnQ2o4UbEM_lovPfm2IDKD_RrsFmXBdyNHBL6dEwjXKlt8GpnOPHjFYh34eZDBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x89f1610cdddbcc5e0000000000000000%22,%222%22:%220x7c53fe4035d962bc0000000000000000%22,%223%22:%220xd6a4a50be6627a010000000000000000%22,%224%22:%220x175fcc3dc53110590000000000000000%22,%225%22:%220x187a51e9d0247e290000000000000000%22},%22debug_key%22:%2212613912340319324534%22,%22debug_reporting%22:true,%22destination%22:%22https://gilook.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211131145654%22],%224%22:[%2211-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217957926241710311473%22}&andc=true

Request Chain 87

https://komkatkaj.org/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6915942 HTTP 302
https://komkatkaj.org/info.html

Request Chain 105

https://komkatkaj.org/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=10009460 HTTP 302
https://komkatkaj.org/info.html

Request Chain 106

https://komkatkaj.org/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12827191 HTTP 302
https://komkatkaj.org/info.html

Request Chain 107

https://komkatkaj.org/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14370893 HTTP 302
https://komkatkaj.org/info.html

Request Chain 108

https://komkatkaj.org/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=19371836 HTTP 302
https://komkatkaj.org/info.html

104 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request login.php Show response
wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/
Redirect Chain

https://www.wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http

53 KB
11 KB

1091ms
1089ms

Document
text/html

97.79.236.49
TWC-11427-TEXAS

General

Check archive.org

Show headers Download Go to

Full URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 97.79.236.49 Dallas, United States, ASN11427 (TWC-11427-TEXAS, US),
Reverse DNS: gvo23649.gvodatacenter.com
Software: Apache /
Resource Hash: 96eeed9796feb837c5252aa30a0606c2b6b814e4900c83d5638085d58ffd9634

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 11150
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 16:10:54 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://wingwah.fi/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

cache-control: no-cache, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 16:10:53 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
server: Apache
vary: User-Agent
x-redirect-by: WordPress

GET
H2 200 main.min.css
wingwah.fi/wp-content/themes/astra/assets/css/minified/ 41 KB
8 KB 47ms
46ms Stylesheet
text/css 97.79.236.49
TWC-11427-TEXAS

General

Check archive.org

Show headers Download Go to

Full URL: https://wingwah.fi/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.6.8
Requested by: Host: wingwah.fi
URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 97.79.236.49 Dallas, United States, ASN11427 (TWC-11427-TEXAS, US),
Reverse DNS: gvo23649.gvodatacenter.com
Software: Apache /
Resource Hash: 6ce7875c819b155e23c71443be6153d3f6dc2d4cbee2168c97eff06b56ddddcc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:55 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 13:10:03 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 8277

GET
H2 200 style.min.css
wingwah.fi/wp-includes/css/dist/block-library/ 107 KB
14 KB 50ms
50ms Stylesheet
text/css 97.79.236.49
TWC-11427-TEXAS

General

Check archive.org

Show headers Download Go to

Full URL: https://wingwah.fi/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by: Host: wingwah.fi
URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 97.79.236.49 Dallas, United States, ASN11427 (TWC-11427-TEXAS, US),
Reverse DNS: gvo23649.gvodatacenter.com
Software: Apache /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:55 GMT
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 21:52:02 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 14499

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 63ms
43ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Requested by

Host: wingwah.fi
URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66cf04152b0c648a539d4092c7a457a477344076e85f393ea8a9ade990c02bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wingwah.fi/
Origin: https://wingwah.fi
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52722
x-xss-protection: 0
server: cafe
etag: 6873371047899871677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 16:10:55 GMT

GET
BLOB 200
OK c6a51b77-0f60-4dd3-911c-a7607bcf4e13
https://wingwah.fi/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wingwah.fi/c6a51b77-0f60-4dd3-911c-a7607bcf4e13
Requested by: Host: wingwah.fi
URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK secure.js Show response
pontiarmada.com/blog/ 672 B
927 B 101ms
17ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: https://pontiarmada.com/blog/secure.js
Requested by: Host: wingwah.fi
URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 3d13d3c8345fc6d70140ee7190c7fd29ec6fa7b76281d68c87ff99fc9d1c4d3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 16:10:55 GMT
Last-Modified: Thu, 26 Oct 2023 09:14:11 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 672

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/ 400 KB
135 KB 114ms
101ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb21af499d878b77941c804fbee93cd2d5a4e8e5b48caf47f9dd5d20a37155c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138372
x-xss-protection: 0
server: cafe
etag: 1494961838868287867
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 16:10:55 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 05CA 9 KB
4 KB 25ms
4ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wingwah.fi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 7483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 14:06:12 GMT
etag: 16674218716276178799
expires: Tue, 28 Nov 2023 14:06:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET 2023.html
pontiarmada.com/news/ Frame 0770 0
0

GET
H/1.1 200
OK 2023.html Show response
pontiarmada.com/news/ Frame 6F2F 661 B
903 B 57ms
17ms Document
text/html 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: https://pontiarmada.com/news/2023.html
Requested by: Host: pontiarmada.com
URL: https://pontiarmada.com/blog/secure.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 53ead4069e4d0aa72b1696c9de76e6e8205fd764abb1c068a3ea0a72a3e25432

Request headers

Referer: https://wingwah.fi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 661
Content-Type: text/html
Date: Tue, 14 Nov 2023 16:10:55 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 25 Sep 2023 13:43:02 GMT
Server: Apache

GET
H2 200 frontend.min.js Show response
wingwah.fi/wp-content/themes/astra/assets/js/minified/ 15 KB
4 KB 52ms
48ms Script
application/javascript 97.79.236.49
TWC-11427-TEXAS

General

Check archive.org

Show headers Download Go to

Full URL: https://wingwah.fi/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.6.8
Requested by: Host: wingwah.fi
URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 97.79.236.49 Dallas, United States, ASN11427 (TWC-11427-TEXAS, US),
Reverse DNS: gvo23649.gvodatacenter.com
Software: Apache /
Resource Hash: e594d43ef5e6a3b462f2b1d47c0b4fdbc1178df5b7e5046dff5d208262a042c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:55 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 13:10:03 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 3819

GET
H2 200 wp-emoji-release.min.js Show response
wingwah.fi/wp-includes/js/ 18 KB
5 KB 50ms
44ms Script
application/javascript 97.79.236.49
TWC-11427-TEXAS

General

Check archive.org

Show headers Download Go to

Full URL: https://wingwah.fi/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: wingwah.fi
URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 97.79.236.49 Dallas, United States, ASN11427 (TWC-11427-TEXAS, US),
Reverse DNS: gvo23649.gvodatacenter.com
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:55 GMT
content-encoding: gzip
last-modified: Wed, 10 May 2023 14:44:11 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 5039

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6F2F 150 KB
52 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f5011c6f5ad27d378964813c0663f202d82f9347fdce631c41971a5cc6d88e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pontiarmada.com/
Origin: https://pontiarmada.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52890
x-xss-protection: 0
server: cafe
etag: 9679513356276668129
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 16:10:55 GMT

GET
H2 200 info.html Show response
komkatkaj.org/ Frame C2FD 1 KB
2 KB 1766ms
1251ms Document
text/html 103.66.86.91
IDNIC-BUKUKU-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: https://komkatkaj.org/info.html
Requested by: Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.66.86.91 , Indonesia, ASN142376 (IDNIC-BUKUKU-AS-ID PT Bukuku Solusi Kreatif, ID),
Reverse DNS: ironhide.idserverhost.com
Software: imunify360-webshield/1.21 /
Resource Hash: 5b4127cabaa55d8a3b6341e8697d701544274c7a589d9f544c27ef0ea53f6766

Request headers

Referer: https://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache: no-cache
content-type: text/html
date: Tue, 14 Nov 2023 16:10:54 GMT
last-modified: Tuesday, 14-Nov-2023 16:10:54 GMT
server: imunify360-webshield/1.21

GET
H/1.1 200
OK about.html Show response
pontiarmada.com/news/ Frame 2F67 2 KB
2 KB 19ms
17ms Document
text/html 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: https://pontiarmada.com/news/about.html
Requested by: Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 469878f556e22380837f1140f73ce3aa9dc8797146fbee6ff60a85f47b01f7f8

Request headers

Referer: https://pontiarmada.com/news/2023.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 2205
Content-Type: text/html
Date: Tue, 14 Nov 2023 16:10:55 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Mon, 25 Sep 2023 13:13:23 GMT
Server: Apache

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2F67 150 KB
52 KB 43ms
42ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/about.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c853a028d1b1cefa5217675986596f214186857f4e7edc1eec479f0e480d1433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pontiarmada.com/
Origin: https://pontiarmada.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52892
x-xss-protection: 0
server: cafe
etag: 16736695576844417051
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 16:10:55 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/ Frame 6F2F 400 KB
135 KB 107ms
106ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8e8edee1c959e254bbcb83b19fac6f3155bc8fb7e08359b379220e1eabdb8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138372
x-xss-protection: 0
server: cafe
etag: 15830161674508953318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 16:10:55 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C272 603 B
218 B 60ms
59ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3025194257&lmt=1699978255&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwingwah.fi%2Fwp-content%2Fplugins%2Felementor%2Fassets%2Fxii%2Flinkedin_%2Flogin.php%3Femail%3D%26redirect%3Dhttp&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255543&bpp=5&bdt=149&idt=221&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5612511993756&frm=20&pv=2&ga_vid=503435451.1699978256&ga_sid=1699978256&ga_hid=647299550&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=1944190936163036&tmod=434537542&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wingwah.fi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 16:10:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
76ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=IFRAME&id=pertama&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: wingwah.fi
URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 78ms
76ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=IFRAME&id=pertama&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: wingwah.fi
URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/ Frame 2F67 400 KB
135 KB 71ms
70ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js?bust=31079587

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

202e902edab3aa57464705ebbd84a5f7587bb91a29b37b70efaa1995512fe9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138376
x-xss-protection: 0
server: cafe
etag: 7280838699615820818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 16:10:55 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 28D4 603 B
68 B 55ms
54ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3279755396&plat=1%3A16777728%2C2%3A16777728%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwingwah.fi%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255737&bpp=10&bdt=96&idt=193&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&nras=1&correlator=334762032434&frm=24&ife=1&pv=2&ga_vid=571567283.1699978256&ga_sid=1699978256&ga_hid=1844738955&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=230747750&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C44806139%2C44807764%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=1859236805617545&tmod=715259656&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.60db7mteexfr&fsb=1&dtd=217

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 16:10:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F2F 0
20 B 65ms
64ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=IFRAME&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F2F 0
20 B 66ms
65ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=IFRAME&ign=false&pw=1600&ph=1200&x=0&y=69.6

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7076 3 KB
643 B 99ms
98ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3407270570&plat=1%3A16777728%2C2%3A16777728%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2F2023.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255824&bpp=5&bdt=145&idt=154&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&nras=1&correlator=334762032434&frm=24&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sdom21p0w5c8&fsb=1&dtd=178

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js?bust=31079587

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bd76ddaf7ae0f0f385a63b99e7fd64fc1a2b95d2a5d2c320977726423ed3b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 619
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 16:10:56 GMT
expires: Tue, 14 Nov 2023 16:10:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F67 0
20 B 66ms
65ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=popup&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/about.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F67 0
20 B 66ms
64ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=popup&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/about.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1299 136 KB
44 KB 641ms
641ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=9200663831&adk=485043760&adf=1730582307&pi=t.ma~as.9200663831&w=1200&fwrn=16&fwrnh=100&lmt=1695647603&rafmt=1&format=1200x280&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2Fabout.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255829&bpp=2&bdt=150&idt=178&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=334762032434&frm=22&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4k6kutebpubb&fsb=1&dtd=186

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js?bust=31079587

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7764242e66805d5e0d0513ff74fd68f0737c764e5db5332ea2ada227fa8a6819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44848
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 16:10:56 GMT
expires: Tue, 14 Nov 2023 16:10:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 136E 134 KB
43 KB 745ms
742ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=8073961131&adk=1748549453&adf=2214622222&pi=t.ma~as.8073961131&w=1200&fwrn=16&fwrnh=100&lmt=1695647603&rafmt=1&format=1200x280&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2Fabout.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255831&bpp=1&bdt=152&idt=189&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&prev_fmts=0x0%2C1200x280&nras=1&correlator=334762032434&frm=22&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.8j98bnp29vbq&fsb=1&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js?bust=31079587

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32170b03598d2e20c2ddf443bc437d0fe8d3725c6b266596797cfa40284f898e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44136
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 16:10:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1299 14 KB
2 KB 49ms
22ms Stylesheet
text/css 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=9200663831&adk=485043760&adf=1730582307&pi=t.ma~as.9200663831&w=1200&fwrn=16&fwrnh=100&lmt=1695647603&rafmt=1&format=1200x280&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2Fabout.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255829&bpp=2&bdt=150&idt=178&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=334762032434&frm=22&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4k6kutebpubb&fsb=1&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 Nov 2023 16:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:35:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Nov 2023 16:10:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1299 2 KB
902 B 32ms
5ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 15:51:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1299 23 KB
9 KB 28ms
6ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 15:51:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1299 3 KB
1 KB 29ms
7ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 11:52:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6EFF 1 KB
643 B 15ms
11ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 15:48:32 GMT
etag: 48472445140208031
expires: Wed, 15 Nov 2023 15:48:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1299 20 KB
9 KB 23ms
3ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 11:52:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1299 0
0 54ms
22ms Image
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsKlPDh9U2mvHY6Nvfw7gyuM23wbzvnqrzmZxpZUBeTeM3gqg0gV4VUbkEwpUFrZg4B0GOhiEIb34g8MQ7IJbLLb3Vxg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=9200663831&adk=485043760&adf=1730582307&pi=t.ma~as.9200663831&w=1200&fwrn=16&fwrnh=100&lmt=1695647603&rafmt=1&format=1200x280&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2Fabout.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255829&bpp=2&bdt=150&idt=178&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=334762032434&frm=22&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4k6kutebpubb&fsb=1&dtd=186
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1299 199 KB
64 KB 64ms
35ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 16:10:56 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 1299 37 KB
16 KB 36ms
5ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 03:55:32 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10088874748613908977/ Frame 1299 30 KB
31 KB 25ms
8ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10088874748613908977/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5eb47ba7eb80ba4d2d717aeaf7d1544c9a6b8491c9af49dd56f06bf73f8bf67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:24:00 GMT
x-content-type-options: nosniff
age: 85616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31031
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 09:47:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Nov 2024 16:24:00 GMT

GET
DATA 200
OK truncated
/ Frame 1299 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1299 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6EFF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFyj-8kx_S2oXahIe9n9NKQ&google_cver=1&google_push=AXcoOmS8ah-3INgsA6gaeFHd5wT8uW2ps6XDmiP4u7HgbtHGDL6-6UAqdTlOUPxGUQHNlneQTOpC4nJSJF9YLXo39scpqlj44JE1u...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFyj-8kx_S2oXahIe9n9NKQ&google_cver=1&google_push=AXcoOmS8ah-3INgsA6gaeFHd5wT8uW2ps6XDmiP4u7HgbtHGDL6-6UAqdTlOUPxGUQHNlneQTOpC4nJSJF9YLXo39scpqlj44JE...

43 B
449 B

104ms
75ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFyj-8kx_S2oXahIe9n9NKQ&google_cver=1&google_push=AXcoOmS8ah-3INgsA6gaeFHd5wT8uW2ps6XDmiP4u7HgbtHGDL6-6UAqdTlOUPxGUQHNlneQTOpC4nJSJF9YLXo39scpqlj44JE1uti0yhWOi_FV33-05MWNYc0ax4i7VuEwSGvK4t21nQ20u2DD3p9GXw0LCfw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS8ah-3INgsA6gaeFHd5wT8uW2ps6XDmiP4u7HgbtHGDL6-6UAqdTlOUPxGUQHNlneQTOpC4nJSJF9YLXo39scpqlj44JE1uti0yhWOi_FV33-05MWNYc0ax4i7VuEwSGvK4t21nQ20u2DD3p9GXw0LCfw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: pontiarmada.com
URL: https://pontiarmada.com/news/about.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8260870a0a8741c6-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:56 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 278
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFyj-8kx_S2oXahIe9n9NKQ&google_cver=1&google_push=AXcoOmS8ah-3INgsA6gaeFHd5wT8uW2ps6XDmiP4u7HgbtHGDL6-6UAqdTlOUPxGUQHNlneQTOpC4nJSJF9YLXo39scpqlj44JE1uti0yhWOi_FV33-05MWNYc0ax4i7VuEwSGvK4t21nQ20u2DD3p9GXw0LCfw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS8ah-3INgsA6gaeFHd5wT8uW2ps6XDmiP4u7HgbtHGDL6-6UAqdTlOUPxGUQHNlneQTOpC4nJSJF9YLXo39scpqlj44JE1uti0yhWOi_FV33-05MWNYc0ax4i7VuEwSGvK4t21nQ20u2DD3p9GXw0LCfw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82608709496e41c6-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame 6EFF 0
285 B 96ms
9ms Image
text/plain 3.222.67.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESENoYg56mSAUhQb00pcdfGng&google_cver=1&google_push=AXcoOmS98ou8QAUfF6XNzdVWqqP8lWIIINOsDSK99Q3-JIY25RVYAulI3RZhh6jSc490ih5L-ZE6vZItjvkCfeN7La57toBo0Okss_iCtGpng6-X1eA5zv0P0F4iE94MWG1AxiPrmOn99LOqSZw_qvbB7A7pcdQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=9200663831&adk=485043760&adf=1730582307&pi=t.ma~as.9200663831&w=1200&fwrn=16&fwrnh=100&lmt=1695647603&rafmt=1&format=1200x280&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2Fabout.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255829&bpp=2&bdt=150&idt=178&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=334762032434&frm=22&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.4k6kutebpubb&fsb=1&dtd=186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.67.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-67-46.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6EFF
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEG4H4ASWk8NFx9ugy1so4YY&google_cver=1&google_push=AXcoOmQ-t6HJcyb2HTlpGloWAZ_CjM2sHtE8nKfccl9bAK8dnsFSGbUkbD29xnWbjhIdBBvjDf9d079FBqXwYE6N1dL5lA1c5...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=852419483827&us_privacy=1---

170 B
232 B

27ms
22ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=852419483827&us_privacy=1---

Requested by

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=852419483827&us_privacy=1---
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EFF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKTDsZYmze4GBUlux4zRaCE&google_cver=1&google_push=AXcoOmTsnHmCyy7CO9QJIoa43its0JIwzpz48mlEtB4WTfgho2bJJJatntUDTdJUAndzCCr5XnaotPkC...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKTDsZYmze4GBUlux4zRaCE&google_cver=1&google_push=AXcoOmTsnHmCyy7CO9QJIoa43its0JIwzpz48mlEtB4WTfgho2bJJJatntUDTdJUAndzCCr5Xna...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMyOTc2NzEwMzA2MDk5ODU2Ng&google_push=AXcoOmTsnHmCyy7CO9QJIoa43its0JIwzpz48mlEtB4WTfgho2bJJJatntUDTdJUAndzCCr5XnaotP...

170 B
188 B

23ms
23ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMyOTc2NzEwMzA2MDk5ODU2Ng&google_push=AXcoOmTsnHmCyy7CO9QJIoa43its0JIwzpz48mlEtB4WTfgho2bJJJatntUDTdJUAndzCCr5XnaotPkCtyjXH94zncdMI5LjCgNqDhf-qS3J4yXOVNsZjfX0H6hqgpiZWPLHWcBPwJuYLsF7yf5Qtsb5YU6sSA

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMyOTc2NzEwMzA2MDk5ODU2Ng&google_push=AXcoOmTsnHmCyy7CO9QJIoa43its0JIwzpz48mlEtB4WTfgho2bJJJatntUDTdJUAndzCCr5XnaotPkCtyjXH94zncdMI5LjCgNqDhf-qS3J4yXOVNsZjfX0H6hqgpiZWPLHWcBPwJuYLsF7yf5Qtsb5YU6sSA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 6EFF 43 B
641 B 554ms
173ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEPnN7ad1umMIVThhE66BpEw&google_cver=1&google_push=AXcoOmRJGDHn5VE2rqM1tyt99VvdbYfnzmFPis_uzBD0lERhtXpnAC9MBXu00CY_UKTpar5qrrc8e9gEahx6wejjljaJxcq1pu3o8w_nG74_E6F-uHJJ2CCfao9Fw5oQA3KkNE-29er_-Rmuxbz3ybJP4umDV_k

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 16:10:57 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6EFF
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEDl8ofdNnQUhIR0ZCLV9t2E&google_cver=1&google_push=AXcoOmTqRMX76XeqH0i_zjDlFgCM0YnEMmH7sXy_cJaUYruv8tAFfQlv6RWJEih-V18hKjqSXzh8JgV4fourkmZ...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=7cqz26JVqU-oPFu_eP0Etg&google_push=AXcoOmTqRMX76XeqH0i_zjDlFgCM0YnEMmH7sXy_cJaUYruv8tAFfQlv6RWJEih-V18hKjqSXzh8JgV4fourkmZBteyY0J24j...

170 B
329 B

23ms
20ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=7cqz26JVqU-oPFu_eP0Etg&google_push=AXcoOmTqRMX76XeqH0i_zjDlFgCM0YnEMmH7sXy_cJaUYruv8tAFfQlv6RWJEih-V18hKjqSXzh8JgV4fourkmZBteyY0J24jnCRdIfj4YqLqaQeQvf3oevJ0atY8dTQbEgFNyIvGe6WaqZP-kD1oGeaFbR-YDEi

Requested by

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=7cqz26JVqU-oPFu_eP0Etg&google_push=AXcoOmTqRMX76XeqH0i_zjDlFgCM0YnEMmH7sXy_cJaUYruv8tAFfQlv6RWJEih-V18hKjqSXzh8JgV4fourkmZBteyY0J24jnCRdIfj4YqLqaQeQvf3oevJ0atY8dTQbEgFNyIvGe6WaqZP-kD1oGeaFbR-YDEi
Date: Tue, 14 Nov 2023 16:10:56 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EFF
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSxRdAyGnuqvGMncKvR-PPz4Rp2Vf74XKSBC9xf2cVPkGfwyde9Asxvztg87sVeFAquVu3KP_wSdikX2nmteisFHX250xMhJFIa0J78p_RvwbpqPhEgETguC32vE...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBYT8T4Q1L9yBKqNYF2QIJc&google_hm=T1BVNTBiNDlhZmJjN2VmNGNiMTg0MWJlMjQ1ZmJjOGMxMTE&google_nid=opera_norway_as&google_push=AXcoOmSxRdAy...

170 B
188 B

23ms
22ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBYT8T4Q1L9yBKqNYF2QIJc&google_hm=T1BVNTBiNDlhZmJjN2VmNGNiMTg0MWJlMjQ1ZmJjOGMxMTE&google_nid=opera_norway_as&google_push=AXcoOmSxRdAyGnuqvGMncKvR-PPz4Rp2Vf74XKSBC9xf2cVPkGfwyde9Asxvztg87sVeFAquVu3KP_wSdikX2nmteisFHX250xMhJFIa0J78p_RvwbpqPhEgETguC32vEMMporNYmjOxtRkCVRUGReePUzHUwiDt

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:56 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBYT8T4Q1L9yBKqNYF2QIJc&google_hm=T1BVNTBiNDlhZmJjN2VmNGNiMTg0MWJlMjQ1ZmJjOGMxMTE&google_nid=opera_norway_as&google_push=AXcoOmSxRdAyGnuqvGMncKvR-PPz4Rp2Vf74XKSBC9xf2cVPkGfwyde9Asxvztg87sVeFAquVu3KP_wSdikX2nmteisFHX250xMhJFIa0J78p_RvwbpqPhEgETguC32vEMMporNYmjOxtRkCVRUGReePUzHUwiDt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 384
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6EFF 0
130 B 93ms
12ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JyvZsV7dGgfqKQ85BvWJeoiKfMe4Rxii-n40efAGuL8KH46xYoMdvvk67NFcVXzAPyZvQ2_Ig

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 1299 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e277fca4a2ba1aa7a9e8870c706364f1f2965b06a3f9dc8c88e8a3cf4bb8b622

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 136E 14 KB
1 KB 50ms
5ms Stylesheet
text/css 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=8073961131&adk=1748549453&adf=2214622222&pi=t.ma~as.8073961131&w=1200&fwrn=16&fwrnh=100&lmt=1695647603&rafmt=1&format=1200x280&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2Fabout.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255831&bpp=1&bdt=152&idt=189&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&prev_fmts=0x0%2C1200x280&nras=1&correlator=334762032434&frm=22&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.8j98bnp29vbq&fsb=1&dtd=195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 Nov 2023 16:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:31:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Nov 2023 16:10:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 136E 2 KB
856 B 36ms
0ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 15:51:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 136E 23 KB
9 KB 21ms
0ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 15:51:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 136E 3 KB
1 KB 21ms
0ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 11:52:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 136E 20 KB
8 KB 34ms
0ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 11:52:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 136E 0
0 50ms
8ms Image
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTa4uV7STC36_eiDa3KCyKTK27mRLyGUEDCAe5qJDqYCaCqB-yNnnuSw6H_lVVCghROnQjo19wca8Lx4HTIEQagyHskfA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=8073961131&adk=1748549453&adf=2214622222&pi=t.ma~as.8073961131&w=1200&fwrn=16&fwrnh=100&lmt=1695647603&rafmt=1&format=1200x280&url=https%3A%2F%2Fpontiarmada.com%2Fnews%2Fabout.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255831&bpp=1&bdt=152&idt=189&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&prev_fmts=0x0%2C1200x280&nras=1&correlator=334762032434&frm=22&ife=1&pv=1&ga_vid=1851864097.1699978256&ga_sid=1699978256&ga_hid=57472993&ga_fc=0&nhd=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2385719591&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079587%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=817721520423125&tmod=1685226770&uas=0&nvt=1&top=https%3A%2F%2Fwingwah.fi%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.8j98bnp29vbq&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 136E 199 KB
63 KB 61ms
19ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 16:10:56 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 136E 37 KB
15 KB 30ms
0ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 03:55:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7807 1 KB
643 B 7ms
5ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 15:48:32 GMT
etag: 48472445140208031
expires: Wed, 15 Nov 2023 15:48:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5609781750607938974/ Frame 136E 30 KB
30 KB 9ms
8ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5609781750607938974/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aeea8d11b236ae76a6639182a9e4d78329b7f2556278b0478ae580a04408cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 19:16:50 GMT
x-content-type-options: nosniff
age: 593646
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31154
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 08:25:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Nov 2024 19:16:50 GMT

GET
DATA 200
OK truncated
/ Frame 136E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 136E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fb47e31feef060d3b2995361269b81521f8a9f04dec3054d0f210bf42671415

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1299 33 KB
34 KB 24ms
4ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:43:52 GMT
x-content-type-options: nosniff
age: 206824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 06:43:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1299
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqtz0EJxTZfzsArrLxtYP4--84AH6wM6adIuJ88eREvnOi7OiDhABINXo1EZgycapi8Ck2A-gAaX81JApyAEJqQK0T6tg4_uxPqgDAcgDywSqBJECT9Ax7ZxuA1tOIcjI7bCh0A-S-z--MSN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xff3ac27a37ec5c960000000000000000%22,%222%22:%220xadea1710eb58d6ec0000000000000000%22,%223%22:%220x5dc81b...

0
0

84ms
32ms

Fetch
text/css

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xff3ac27a37ec5c960000000000000000%22,%222%22:%220xadea1710eb58d6ec0000000000000000%22,%223%22:%220x5dc81be34a12561a0000000000000000%22,%224%22:%220x4e1eec01cebe6cb60000000000000000%22,%225%22:%220xe41375f64440dbdc0000000000000000%22},%22debug_key%22:%227103973622987310454%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040800293%22],%224%22:[%2211-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228403000833651792785%22}&andc=true

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xff3ac27a37ec5c960000000000000000","2":"0xadea1710eb58d6ec0000000000000000","3":"0x5dc81be34a12561a0000000000000000","4":"0x4e1eec01cebe6cb60000000000000000","5":"0xe41375f64440dbdc0000000000000000"},"debug_key":"7103973622987310454","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040800293"],"4":["11-14"],"6":["true"]},"priority":"500","source_event_id":"8403000833651792785"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 14 Nov 2023 16:10:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 14 Nov 2023 16:10:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xff3ac27a37ec5c960000000000000000","2":"0xadea1710eb58d6ec0000000000000000","3":"0x5dc81be34a12561a0000000000000000","4":"0x4e1eec01cebe6cb60000000000000000","5":"0xe41375f64440dbdc0000000000000000"},"debug_key":"7103973622987310454","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040800293"],"4":["11-14"],"6":["true"]},"priority":"500","source_event_id":"8403000833651792785"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 136E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d0b1e91944f4241ef9f7c99a4da1e1bc787d94e548857eab1652d3ffa232fad

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7807
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEBL0f3n1-4dRbfa_676WePA&google_cver=1&google_push=AXcoOmR0m2qkXX1C4DMZOvPlfuM2UnDiSQeS4et9UV2U07LLi2sw2pQbMPIkuI5QvKTDN7NwkuQHB8ikeQnDB4oTGyHskMvlZkCVDRI
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmR0m2qkXX1C4DMZOvPlfuM2UnDiSQeS4et9UV2U07LLi2sw2pQbMPIkuI5QvKTDN...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR0m2qkXX1C4DMZOvPlfuM2UnDiSQeS4et9UV2U07LLi2sw2pQbMPIkuI5QvKTDN7NwkuQHB8ikeQnDB4oTGyHskMvlZkCVDRI&google_cver=1&go...

170 B
188 B

22ms
22ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR0m2qkXX1C4DMZOvPlfuM2UnDiSQeS4et9UV2U07LLi2sw2pQbMPIkuI5QvKTDN7NwkuQHB8ikeQnDB4oTGyHskMvlZkCVDRI&google_cver=1&google_gid=CAESEBL0f3n1-4dRbfa_676WePA&google_hm=UTc1MzI2NDY1NzE2NTk1MTQ1MTk=

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 14 Nov 2023 16:10:57 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR0m2qkXX1C4DMZOvPlfuM2UnDiSQeS4et9UV2U07LLi2sw2pQbMPIkuI5QvKTDN7NwkuQHB8ikeQnDB4oTGyHskMvlZkCVDRI&google_cver=1&google_gid=CAESEBL0f3n1-4dRbfa_676WePA&google_hm=UTc1MzI2NDY1NzE2NTk1MTQ1MTk=
Content-Type: text/html
Cache-Control: max-age=66452
Connection: keep-alive
Content-Length: 154

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7807
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBIVQ7A0ckrw18iUnQMelUQ&google_push=AXcoOmQTt7ev4wr_7fydrtmC5Nz15r2b6Za1qtm1VQk6VgNnOYshcNqtdU...

170 B
188 B

27ms
27ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBIVQ7A0ckrw18iUnQMelUQ&google_push=AXcoOmQTt7ev4wr_7fydrtmC5Nz15r2b6Za1qtm1VQk6VgNnOYshcNqtdUYVuIyVilFv4Mm6KUe0ulXBrFGREuaf5hrmCJP9e5sXEFY

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-lga21974-LGA
pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1699978257.001143,VS0,VE7
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBIVQ7A0ckrw18iUnQMelUQ&google_push=AXcoOmQTt7ev4wr_7fydrtmC5Nz15r2b6Za1qtm1VQk6VgNnOYshcNqtdUYVuIyVilFv4Mm6KUe0ulXBrFGREuaf5hrmCJP9e5sXEFY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7807
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEESjHclTqKwTpi-onO2GRoA&google_cver=1&google_push=AXcoOmR-Tz32A9bwDHtN5GPoC2_FOlilUqUnunVWubOB_-8F5baPEW_dy7lrSEBu0cs-jKZN2uj69-KsVL9D_S0A...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ejz50wYkSyQVJXKLawfa1Q&google_push=AXcoOmR-Tz32A9bwDHtN5GPoC2_FOlilUqUnunVWubOB_-8F5baPEW_dy7lrSEBu0cs-jKZN2uj69-KsVL9D_S0AqqwbDD8FTKl_JIM

170 B
188 B

22ms
21ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ejz50wYkSyQVJXKLawfa1Q&google_push=AXcoOmR-Tz32A9bwDHtN5GPoC2_FOlilUqUnunVWubOB_-8F5baPEW_dy7lrSEBu0cs-jKZN2uj69-KsVL9D_S0AqqwbDD8FTKl_JIM

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Nov 2023 16:10:57 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ejz50wYkSyQVJXKLawfa1Q&google_push=AXcoOmR-Tz32A9bwDHtN5GPoC2_FOlilUqUnunVWubOB_-8F5baPEW_dy7lrSEBu0cs-jKZN2uj69-KsVL9D_S0AqqwbDD8FTKl_JIM
x-host: tde-deliveryengine-production-bb588bf9-bkx48
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7807
Redirect Chain

https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEEYYJl-tlnhWMDR2kiSqQX8&google_cver=1&google_push=AXcoOmS7rALN3AQor5DzKu7N0rB4vIOEW_gie87LAoFRMs7dYgRkiasX0Abl6L2G_gXOx4sMskImGh7mSLu8057NS81bG...
https://cm.g.doubleclick.net/pixel?google_nid=adtheorent&google_hm=ZMG-4oMIEe6CJBIIF0Y8jw&google_push=AXcoOmS7rALN3AQor5DzKu7N0rB4vIOEW_gie87LAoFRMs7dYgRkiasX0Abl6L2G_gXOx4sMskImGh7mSLu8057NS81bGrB...

170 B
188 B

86ms
83ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adtheorent&google_hm=ZMG-4oMIEe6CJBIIF0Y8jw&google_push=AXcoOmS7rALN3AQor5DzKu7N0rB4vIOEW_gie87LAoFRMs7dYgRkiasX0Abl6L2G_gXOx4sMskImGh7mSLu8057NS81bGrBvnivbCS4&google_redir=https%3A%2F%2Frtb.adentifi.com%2FCookieSyncAdXCheck&google_ula=6802874232

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=adtheorent&google_hm=ZMG-4oMIEe6CJBIIF0Y8jw&google_push=AXcoOmS7rALN3AQor5DzKu7N0rB4vIOEW_gie87LAoFRMs7dYgRkiasX0Abl6L2G_gXOx4sMskImGh7mSLu8057NS81bGrBvnivbCS4&google_redir=https%3A%2F%2Frtb.adentifi.com%2FCookieSyncAdXCheck&google_ula=6802874232
date: Tue, 14 Nov 2023 16:10:56 GMT
content-type: text/plain

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7807
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOP9ngFetjuqyNebzDUiRpg&google_cver=1&google_push=AXcoOmRtn8bXDUMlbDxU1ZNSscq5Wz9a2qf7JFjqVy8jC5Rkh3i7eMHkBgfiHvdCNj0UQGPCKv743hBM_z0q3xwND4nn8vq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtn8bXDUMlbDxU1ZNSscq5Wz9a2qf7JFjqVy8jC5Rkh3i7eMHkBgfiHvdCNj0UQGPCKv743hBM_z0q3xwND4nn8vqiP8IDyrs&google_hm=eS0yT3ZtMGlSRTJwRlB...

170 B
188 B

21ms
21ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtn8bXDUMlbDxU1ZNSscq5Wz9a2qf7JFjqVy8jC5Rkh3i7eMHkBgfiHvdCNj0UQGPCKv743hBM_z0q3xwND4nn8vqiP8IDyrs&google_hm=eS0yT3ZtMGlSRTJwRlBFeWV3cFlfQ3RSSWpaUVFsSVNZRX5B

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Nov 2023 16:10:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtn8bXDUMlbDxU1ZNSscq5Wz9a2qf7JFjqVy8jC5Rkh3i7eMHkBgfiHvdCNj0UQGPCKv743hBM_z0q3xwND4nn8vqiP8IDyrs&google_hm=eS0yT3ZtMGlSRTJwRlBFeWV3cFlfQ3RSSWpaUVFsSVNZRX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7807
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENWP6cu0MC7tTgXL3Z4t-vU&google_cver=1&google_push=AXcoOmSXjwclD9i3dZYLMEnd2wuaykx6qAzQbPz_zTOr1k7euJEuzfunMPIpp502GtvX4wCoKdmAYGAo...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENWP6cu0MC7tTgXL3Z4t-vU&google_cver=1&google_push=AXcoOmSXjwclD9i3dZYLMEnd2wuaykx6qAzQbPz_zTOr1k7euJEuzfunMPIpp502GtvX4wCoKdm...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY5MzIxNzkzMTIwMjkxMjczNA&google_push=AXcoOmSXjwclD9i3dZYLMEnd2wuaykx6qAzQbPz_zTOr1k7euJEuzfunMPIpp502GtvX4wCoKdmAYG...

170 B
188 B

22ms
21ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY5MzIxNzkzMTIwMjkxMjczNA&google_push=AXcoOmSXjwclD9i3dZYLMEnd2wuaykx6qAzQbPz_zTOr1k7euJEuzfunMPIpp502GtvX4wCoKdmAYGAodF8sS7mw35RYm8Fy61axOLU

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY5MzIxNzkzMTIwMjkxMjczNA&google_push=AXcoOmSXjwclD9i3dZYLMEnd2wuaykx6qAzQbPz_zTOr1k7euJEuzfunMPIpp502GtvX4wCoKdmAYGAodF8sS7mw35RYm8Fy61axOLU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7807
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEHKwTDuom-6nwpcBShGo0C4&google_cver=1&google_push=AXcoOmSdzOhgV8IFyYVJ8QmICamqAerx8EvFZJlu0ODLxAPciE8wAec9Fu3lnrua8eS1wYJU5P9_D4zgA8T6T7C...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=7cqz26JVqU-oPFu_eP0Etg&google_push=AXcoOmSdzOhgV8IFyYVJ8QmICamqAerx8EvFZJlu0ODLxAPciE8wAec9Fu3lnrua8eS1wYJU5P9_D4zgA8T6T7CVhi7_t-UDH...

170 B
188 B

32ms
30ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=7cqz26JVqU-oPFu_eP0Etg&google_push=AXcoOmSdzOhgV8IFyYVJ8QmICamqAerx8EvFZJlu0ODLxAPciE8wAec9Fu3lnrua8eS1wYJU5P9_D4zgA8T6T7CVhi7_t-UDHTHBK50J

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=7cqz26JVqU-oPFu_eP0Etg&google_push=AXcoOmSdzOhgV8IFyYVJ8QmICamqAerx8EvFZJlu0ODLxAPciE8wAec9Fu3lnrua8eS1wYJU5P9_D4zgA8T6T7CVhi7_t-UDHTHBK50J
Date: Tue, 14 Nov 2023 16:10:56 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7807 0
12 B 21ms
18ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlpZKDXzK1ppoaLQKHPnbgFz1SNv81pnPhFv8Rt0zIqDSk1xqgb94pjJS_wDGUtxZaxcMEAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 136E 33 KB
33 KB 7ms
4ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:43:52 GMT
x-content-type-options: nosniff
age: 206824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 06:43:52 GMT

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame D8E4 38 KB
15 KB 8ms
7ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 03:54:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Nov 2024 03:54:53 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 136E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CPr3QEJxTZb3OA63HxtYPj6GAuAujx4yHdPXtzrTwEcWIss2QDhABINXo1EZgycapi8Ck2A-gAbab37spyAEJqQJt9GkvxCt4PqgDAcgDywSqBIsCT9Bu70bPHQC4-uHagWsSeaiQdzy36Zn...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x89f1610cdddbcc5e0000000000000000%22,%222%22:%220x7c53fe4035d962bc0000000000000000%22,%223%22:%220xd6a4a5...

0
0

36ms
32ms

Fetch
text/css

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x89f1610cdddbcc5e0000000000000000%22,%222%22:%220x7c53fe4035d962bc0000000000000000%22,%223%22:%220xd6a4a50be6627a010000000000000000%22,%224%22:%220x175fcc3dc53110590000000000000000%22,%225%22:%220x187a51e9d0247e290000000000000000%22},%22debug_key%22:%2212613912340319324534%22,%22debug_reporting%22:true,%22destination%22:%22https://gilook.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211131145654%22],%224%22:[%2211-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217957926241710311473%22}&andc=true

Requested by

Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x89f1610cdddbcc5e0000000000000000","2":"0x7c53fe4035d962bc0000000000000000","3":"0xd6a4a50be6627a010000000000000000","4":"0x175fcc3dc53110590000000000000000","5":"0x187a51e9d0247e290000000000000000"},"debug_key":"12613912340319324534","debug_reporting":true,"destination":"https://gilook.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11131145654"],"4":["11-14"],"6":["true"]},"priority":"500","source_event_id":"17957926241710311473"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 14 Nov 2023 16:10:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 14 Nov 2023 16:10:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x89f1610cdddbcc5e0000000000000000","2":"0x7c53fe4035d962bc0000000000000000","3":"0xd6a4a50be6627a010000000000000000","4":"0x175fcc3dc53110590000000000000000","5":"0x187a51e9d0247e290000000000000000"},"debug_key":"12613912340319324534","debug_reporting":true,"destination":"https://gilook.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11131145654"],"4":["11-14"],"6":["true"]},"priority":"500","source_event_id":"17957926241710311473"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2F67 16 KB
12 KB 38ms
38ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js?bust=31079587

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8ae6072812bd611e4235fdfc3f7af77580ab5d73bd247871b3b646ca5e414c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12326
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 70ms
30ms Preflight
text/html 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 16:10:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BF7 38 KB
15 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 03:54:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Nov 2024 03:54:53 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F67 17 KB
6 KB 24ms
23ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js?bust=31079587

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 16:10:57 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 33ms
32ms Preflight
text/html 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 16:10:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB0E 13 KB
5 KB 6ms
4ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 253991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 17:37:46 GMT
expires: Sun, 10 Nov 2024 17:37:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 62A8 829 B
560 B 25ms
24ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7bed9842dac019d677e56dd8ead0674a35c21b7a4d3c14dc85745d4a192044e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bwL50L-IIfFw6VoC0UdXFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bwL50L-IIfFw6VoC0UdXFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 16:10:57 GMT
expires: Tue, 14 Nov 2023 16:10:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame DB0E 39 KB
15 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 03:29:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 62A8 0
0 62ms
62ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=817721520423125&rc=
Requested by: Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DB0E 0
10 B 4ms
3ms Image
text/plain 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EA1yog
Requested by: Host: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6F2F 16 KB
12 KB 38ms
37ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c7953a3dbcdf0ee58e12b0a733f067568071b8e454320a01fe0482a1d96706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12052
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 37ms
36ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74c939a897034cf9dbae1402c8b2a72d3c4251b99cf94a7aab5fb9f7b49d8b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12109
x-xss-protection: 0

GET
H2

200

info.html Show response
komkatkaj.org/ Frame C2FD
Redirect Chain

https://komkatkaj.org/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=6915942
https://komkatkaj.org/info.html

1 KB
2 KB

238ms
237ms

Document
text/html

103.66.86.91
IDNIC-BUKUKU-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: https://komkatkaj.org/info.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.66.86.91 , Indonesia, ASN142376 (IDNIC-BUKUKU-AS-ID PT Bukuku Solusi Kreatif, ID),
Reverse DNS: ironhide.idserverhost.com
Software: imunify360-webshield/1.21 /
Resource Hash: 2bf29880f345c4c4ba1f43ba7395f57c285602edc36147070ee92387ccbc307a

Request headers

Referer: https://komkatkaj.org/info.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache: no-cache
content-type: text/html
date: Tue, 14 Nov 2023 16:10:57 GMT
last-modified: Tuesday, 14-Nov-2023 16:10:57 GMT
server: imunify360-webshield/1.21

Redirect headers

content-length: 142
content-type: text/html
date: Tue, 14 Nov 2023 16:10:56 GMT
location: https://komkatkaj.org/info.html
server: imunify360-webshield/1.21

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6F2F 17 KB
6 KB 27ms
27ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 16:10:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
44ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 16:10:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 02D6 13 KB
5 KB 17ms
12ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 253991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 17:37:46 GMT
expires: Sun, 10 Nov 2024 17:37:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA63 829 B
560 B 38ms
33ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb3bcbbd76bcc408a91ea043d28c4e96bc03f7237255c8de6c181275c77736a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gUOTGHOqmckNz6cb2d5ChA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gUOTGHOqmckNz6cb2d5ChA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 16:10:57 GMT
expires: Tue, 14 Nov 2023 16:10:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3DED 13 KB
5 KB 16ms
13ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wingwah.fi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 253991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 17:37:46 GMT
expires: Sun, 10 Nov 2024 17:37:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA55 829 B
562 B 36ms
34ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d83534f90e5f60b286670b7111f7eb2a5fa43448808301574bf1b3782a46be52

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oROBEj0_O4jIK4Mey4LVAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wingwah.fi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-oROBEj0_O4jIK4Mey4LVAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 16:10:57 GMT
expires: Tue, 14 Nov 2023 16:10:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 02D6 39 KB
15 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 03:29:04 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DED 39 KB
15 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 03:29:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA63 0
0 63ms
63ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1859236805617545&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA55 0
0 64ms
63ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1944190936163036&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 02D6 0
10 B 6ms
5ms Image
text/plain 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RUykzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3DED 0
10 B 5ms
4ms Image
text/plain 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zhxxZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:10:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1299 42 B
64 B 74ms
74ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBcDoOvITFLVuvifPcxitTppn_6JlYnxbmchgyB0CF_CN1N_3ICfwHiLiownNlbffxPcUz8wQ-ZaK4zAmjp3gVpX5DemTdwtHO6pPvNRnBNb-1DgoPlXwBq7RYzmhAzPYP-OJVohZf4g&sai=AMfl-YTfWHPGeSuXOX4eauGd-90cTwOt-smAGbKD4lgSfLm6sEMECxb4s4jfeN-emIrWagIfyN5UYhvidFRzkH5ukOeE_Ia1hCDHA-Cn61W17aF9bZdbkl18NPpeWjc&sig=Cg0ArKJSzIBQtq3xPKN4EAE&cid=CAQSOwDICaaNQkYYNvAMgbIR4QlC-YMzD6A9VCaGhw0oLGTJYZkSoDpTTARyvGbon17poSWP8jDZH77djyYoGAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=485043760&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699978256017&rpt=911&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2F67 0
0 67ms
66ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=817721520423125&bg=!Dg2lDULNAAZxrfrxUa07ADQBe5WfOKtCAdmxFoDUttqeprZ5gMdfFtmVmgb7Vn9VpdXh4ePoDEuhF5NHUu9LBTyfg266AgAAAIhSAAAABGgBB5kC6X9x6NLzas9nZN0g4FYqMlvKZfSvklMfRnO7KB68JbkIbzRK_K43Cc0h6rLXhJF3WIp1G3R7N8nT1XmmgtXmESeijJkmG7TQ1aFWQzEhxtp2HMrdLJFSaKoCsPGL4325izcWFJAPznzNlzh0KZiOfCYPKh1_bXo8QF1VH8ZaeDeIH7TyOIvMsclBzWMcW8XjFJoH9uvi3shEQyPawFC2jndrnDA3W2LBeaKq0AUukk1YCbk51RLerYngCI0kOXq3ORGjPTCGafHclahCx0Qx50GZyQvoOIJarksP8LTkuiIb7RB7Zoj_y3s5S--9Xi_cTXGvVAHhr3ZkZeRBTJicWVVomqN5T6dBPlrJojdT49vIqYbfWTDxJZVMniuyYM3wuVJPv8jXBTi7BJN73vSFe50hVAGiuxK8QzHxdWiMLkenDQEbNWTN4y5NuajysPGnsHpI1PbTrWrLIimxyFe3neyiTSEthL0JcF71S9h59tSuIefNlF6NVi8x56Iup5Lj_Pt4zrPpYXf3rj9wrjnYrCO9EmIAtxu91gDHMtCsFYTOw7YfNtVZNdrfk8O_5OLBkdW49uQGWohpnKAsp2hnQzuoNrtoYNuhoDDbHPp8OaxholAgKZcDI8aCrynE2MmLh6gLX_eU5PUAWS3dJTbVgxzfuVrRxb9_KswCMumiYxgVFH9LHJJiFsnPzKd_3kNxNom3BvjUZo3A5zBMZyJ1rqw4md-wI8K8W0_FOlfSXkjZ0u-Ew22M7-_T_4G0jt6aJbv3d-PmY6m1KO5gjAyvC_mtxZ-cqCLVGTLmchSOpWOGkvyKus6eP-bDzDCH0i8Qk5PIYp3vqoxevnYy7uBPhY7n3p_MtlbUcFwHbDsDATCwarzVTJc3UduO_mg9u_w88NSYzmwcZM3A7PO8soujrkfplydXB2Fr762y6jgY07mwIkCLmjmQ8S-39HCRrZR-elzFePF4sEpDx7BJiJN6bmJaMR70Y0FmdsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 136E 42 B
64 B 73ms
72ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkBXR6-73SINP045DQrRPzx_9o6546SDp0HSlusKnlqYg7-bJFCa3DEoVVAHKGWnYnFzrkGa9jvbQbY50VdZW9LPqdMJbmWhp7wxvFJpKdE4Ul_OGGm4LYFYvhfXZjXgbo_VY6D-hXZA&sai=AMfl-YS_ptUFaP80hUdpcmRhwbQfToEmdPCMqJWv-f7gsqxcNIIl07ONX91avEKE9TUNIRpQvmaGAKEATn9abfRX5mGnGnjkIrlnRe51Dv41_r7yT7iFk46PqGRyj7uY&sig=Cg0ArKJSzPHCzrXwfLkOEAE&cid=CAQSPADICaaNwCfGPe0IoU1jWnQ2o4UbEM_lovPfm2IDKD_RrsFmXBdyNHBL6dEwjXKlt8GpnOPHjFYh34eZDBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1748549453&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699978256028&rpt=976&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 16:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F2F 0
0 66ms
66ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1859236805617545&bg=!3t2l3ZLNAAZxrfrxUa07ADQBe5WfOMJszFCvNBWl1W61X_MXE6isqkR3Ol_6a1IpP2bRF979E9HSeVbiTcj1UZHF6_YTAgAAAKxSAAAABGgBB5kC2j0ZVCvUndUK0OfJHeJjWE5_DM1g5M1cnKY6FsQyO0-TxCBcl68PKkluwyYEurG6y-w1nx-yobPpc_hrkUIgegIMWGDRZV9xSKyn3R576hi_ogIXJ-Cd_a6ZNo1V0ra0gbkoc9w5Kp7Rm57F0bZmpF39HaQuBELHqkvE1dfTlPsVJq-pAqT_ZzjYJV_ot_NsVKWWemvGZV_EcPstCHTOEaArY4cLTx3Or0NuRIOlL8k9u67ipvCAFBFUo_kkVct07bc6lREDnZ7jqlEVKCCjRWOb7N1rR70VL2Gr1fEGEMXWjHeNb4svR6fnCnFtdgHIYoZGIK2zDQjmaifd3iCcd4fXTcu-OvK02BD4rWGtYY9hLWSqx4Lr5gnKP11_2Je8sU3g54ZS-s6Fd8RR75NpM5-fCe0kNZ_myoPZXvLXB5b5gqggM6lZs6fqkvf0G95_ywj38wOojcXujjWbEYRj36qE9Ok52oqEd3MPEWsZ6wY-17670hQa596JlCq6ljfparBSjTS-JTS9vrz5qezXk4xf-FhlJyv56_Hej-rDU92rikvuPLooJe6hNJJX7NSweT0Bp3aOYyHMAGY6S13fqagZofY79WXru6lnbUwu9tYfdqqmtzKo5KypRxyM4Pk-R05zpOu2rbXpialC9nQtXiIubdCja8Kkvv1KNiBjavXfgSTfG9orOc0NZaC8tghYCtiQul5jF2nbjvGFmepaVjo9gkuE_zIdAO5G794namWUz35KQmvQsiGDY8CFAtTC5__uOsDqo2oLaG8OCXxqDu0cqHNdfGBjmqTxYbrJ4VtcFKLen8Q8__LGG9tIxfpzuQ1Dcyj1KZI2QRIXySdhQSkH0bsx8X4i3rVY4N1HO-ei13eIrOv1t8dKAtLKmIQlP0i3bL8tbzn7JPagXAjiglQXRTjCUjIhO0cGK9WaCMgJMn5CiMiRnsHKSMC9mA52LszGZ0x07KYrJFI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
66ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1944190936163036&bg=!s7ClsP_NAAZxrfrxUa07ADQBe5WfOIM7i3M8Uok9X3FME7Ox_DUMf5Mfje2m3TECp_y6iz66u4zeu-R4UykYrzjjqVwvAgAAAJNSAAAABGgBB5kCvFB2skibbxeazl3CcsXYMSmx69ot1NEnKTUUaJehh_jmJPdfa_Reom3LIvOYZKghDvtvcD14PaLO-_CgiAGwgbqshUl9a3F9X3XVfZbs-4Y-q2Gyb91l3ZPMpVcLRtlE2rVJWsRA-AtcJpdAbV3z8qRsSr1kSHI0uXTA8G79PCm6tCkn_VNujznFcqRf-9O7CM650q32-hfchCM9cH7CGP_xNeLexGyd9rFpAqvtsLg8qE-E9Wu8NHBAcoSleDPjLcHT3NiUToJC6hmibzX7tEoMgZJWldzpkKiJFlop5sXuangZe91VSyp4NIjXeXj8VsyRcjJFDzM2GUdQAbOUPQDNToQMk6z2TwvgRVhc64vQZhUA-j3-L1hYU-CaybVGRyLw4pFkRsMkw8i36lVgE996tD0QYagba8AZpcOT8opiEsCxWKjhCOERFpdLY2iHCYFWQ7zWj14UKW3ryphQVyaVl2HwAMkZUsJJzK9KYOcF5IL6UrKV6821J5DX1VQLeoNJXdbEG_XPJYDbbRoC4ljSeQCHbiuebNEGVWCfk3nmASY4ng9uhTFMMjlKure7TSoxYWJplJu3z4QkXFhPcFnWyvH_dQUU98GhNeMgFJzB4z7nl3Ls0Gsz9gUR1FyQ34-eCkPaEH-426MR8iPwejqgcfN7BpnjHxtSxxLgE1CEWY9eSBv6Ra38DuofU-US82_d5zbe_VEtCqNcs1hvLLCV5aYDZxdOnusBB1xZl0JnHMCvyiOZcVyvJjh6JD8IXfGx0i8FOK7ya6DaWS8l-y7raIPvvUvF84ECsRNoY7RIQ8jZnBbkTCzyvMlk0oLIdfRe-HfO9aH3nYvEra6H8qMi7mRPBvvn_vdZDZdfKULLkxBjWy_zi3VbB3m4P6OCrhDSfnzgXSR14xGLCtxFQ7OdJ1pXefUm8JJIUMo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wingwah.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2

200

info.html Show response
komkatkaj.org/ Frame C2FD
Redirect Chain

https://komkatkaj.org/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=10009460
https://komkatkaj.org/info.html

1 KB
2 KB

237ms
237ms

Document
text/html

103.66.86.91
IDNIC-BUKUKU-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: https://komkatkaj.org/info.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.66.86.91 , Indonesia, ASN142376 (IDNIC-BUKUKU-AS-ID PT Bukuku Solusi Kreatif, ID),
Reverse DNS: ironhide.idserverhost.com
Software: imunify360-webshield/1.21 /
Resource Hash: 9e091b45b424ecddca457f7f221e33ff745be0bd0dacb6219c13f91da0cb132c

Request headers

Referer: https://komkatkaj.org/info.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache: no-cache
content-type: text/html
date: Tue, 14 Nov 2023 16:10:57 GMT
last-modified: Tuesday, 14-Nov-2023 16:10:57 GMT
server: imunify360-webshield/1.21

Redirect headers

content-length: 142
content-type: text/html
date: Tue, 14 Nov 2023 16:10:57 GMT
location: https://komkatkaj.org/info.html
server: imunify360-webshield/1.21

GET
H2

200

info.html Show response
komkatkaj.org/ Frame C2FD
Redirect Chain

https://komkatkaj.org/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=12827191
https://komkatkaj.org/info.html

1 KB
2 KB

237ms
237ms

Document
text/html

103.66.86.91
IDNIC-BUKUKU-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: https://komkatkaj.org/info.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.66.86.91 , Indonesia, ASN142376 (IDNIC-BUKUKU-AS-ID PT Bukuku Solusi Kreatif, ID),
Reverse DNS: ironhide.idserverhost.com
Software: imunify360-webshield/1.21 /
Resource Hash: 66a8366f22ba06d9af1c62cc271f744bc4939cd650648df0700f9b84a8749d2f

Request headers

Referer: https://komkatkaj.org/info.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache: no-cache
content-type: text/html
date: Tue, 14 Nov 2023 16:10:58 GMT
last-modified: Tuesday, 14-Nov-2023 16:10:58 GMT
server: imunify360-webshield/1.21

Redirect headers

content-length: 142
content-type: text/html
date: Tue, 14 Nov 2023 16:10:57 GMT
location: https://komkatkaj.org/info.html
server: imunify360-webshield/1.21

GET
H2

200

info.html Show response
komkatkaj.org/ Frame C2FD
Redirect Chain

https://komkatkaj.org/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14370893
https://komkatkaj.org/info.html

1 KB
2 KB

237ms
237ms

Document
text/html

103.66.86.91
IDNIC-BUKUKU-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: https://komkatkaj.org/info.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.66.86.91 , Indonesia, ASN142376 (IDNIC-BUKUKU-AS-ID PT Bukuku Solusi Kreatif, ID),
Reverse DNS: ironhide.idserverhost.com
Software: imunify360-webshield/1.21 /
Resource Hash: 0f98e39918d7987454506a2448811ff08f2792cea3fdc4034d194a04d641eafc

Request headers

Referer: https://komkatkaj.org/info.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache: no-cache
content-type: text/html
date: Tue, 14 Nov 2023 16:10:58 GMT
last-modified: Tuesday, 14-Nov-2023 16:10:58 GMT
server: imunify360-webshield/1.21

Redirect headers

content-length: 142
content-type: text/html
date: Tue, 14 Nov 2023 16:10:58 GMT
location: https://komkatkaj.org/info.html
server: imunify360-webshield/1.21

GET

info.html
komkatkaj.org/ Frame C2FD
Redirect Chain

https://komkatkaj.org/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=19371836
https://komkatkaj.org/info.html

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pontiarmada.com
URL: https://pontiarmada.com/news/2023.html

Domain: komkatkaj.org
URL: https://komkatkaj.org/info.html

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 01:48:58	Name: IDE Value: AHWqTUkdQV8WHWBpHATvQHc1uqb_XtGf4lcxAjfW3cHnVkMYi4Kj2qS6a6v3Xj-XmNA
.acuityplatform.com/	1970-01-21 00:58:34	Name: auid Value: 852419483827
.acuityplatform.com/	1970-01-21 00:58:34	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRXNTGg20mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVzUxoNtI90aGlyZFBhcnR5VXNlcklkWkNBRVNFRzRINEFTV2s4TkZ4OXVneTFzbzRZWfv7hnZlcnNpb27C+w=="
.adentifi.com/	1970-01-21 01:48:58	Name: adtheorent[cuid] Value: cuid_64c1bee2-8308-11ee-8224-120817463c8f
beacon.lynx.cognitivlabs.com/	1970-01-21 01:00:00	Name: UID Value: dbb3caed-55a2-4fa9-a83c-5bbf78fd04b6
beacon.lynx.cognitivlabs.com/	1970-01-21 01:00:00	Name: ss Value: tQEJ7C7jRqlup%2FolqoGcM9%2FAzIbcvN1A5T4BfXUlT7CZYNrsN1jM8NfM95ydutiuuT7ciU8hdIW24lPauAletg%3D%3D
.everesttech.net/	1970-01-21 00:58:34	Name: everest_g_v2 Value: g_surferid~ZVOcEQADzmuDTAAj
.adx.opera.com/	1970-01-21 00:58:34	Name: UID Value: OPU50b49afbc7ef4cb1841be245fbc8c111
.yahoo.com/	1970-01-21 00:58:55	Name: A3 Value: d=AQABBBGcU2UCEM6zr56IaYoRNfkF5d7b6RoFEgEBAQHtVGVdZQAAAAAA_eMAAA&S=AQAAAlctlju8xkyRFvjGJz63jr8
.tribalfusion.com/	1970-01-20 18:22:34	Name: ANON_ID Value: aAnt6ZaqO2c8U2OqnuurSQcLFH8b2bHqPQD59IhQNQwvSXHDmkf5Sv7VymF5iZab5W4QVY8P6VU0wq741U9JASKPlUPoJ3
.travelaudience.com/	1970-01-21 01:43:12	Name: _tracker Value: %7B%22UUID%22%3A%22123CF9D3-0624-4B24-1525-728B6B07DAD5%22%7D
.owneriq.net/	1970-01-21 01:48:58	Name: si Value: Q7532646571659514519P
.owneriq.net/	1970-01-20 16:27:22	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 16:27:22	Name: gguuid Value: 1
.googleadservices.com/	1970-01-20 18:22:34	Name: ar_debug Value: 1
.adform.net/	1970-01-20 16:56:10	Name: C Value: 1
.send.microad.jp/	1970-01-20 18:22:34	Name: TR Value: 5ebc02e709635e50b72a35bbafed53e063d1bc1741e34f30
.adform.net/	1970-01-20 17:39:22	Name: uid Value: 8693217931202912734

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wingwah.fi/wp-content/plugins/elementor/assets/xii/linkedin_/login.php?email=&redirect=http Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3025194257&lmt=1699978255&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwingwah.fi%2Fwp-content%2Fplugins%2Felementor%2Fassets%2Fxii%2Flinkedin_%2Flogin.php%3Femail%3D%26redirect%3Dhttp&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255543&bpp=5&bdt=149&idt=221&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5612511993756&frm=20&pv=2&ga_vid=503435451.1699978256&ga_sid=1699978256&ga_hid=647299550&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=1944190936163036&tmod=434537542&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3279755396&plat=1%3A16777728%2C2%3A16777728%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwingwah.fi%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699978255737&bpp=10&bdt=96&idt=193&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&nras=1&correlator=334762032434&frm=24&ife=1&pv=2&ga_vid=571567283.1699978256&ga_sid=1699978256&ga_hid=1844738955&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=230747750&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C44806139%2C44807764%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=1859236805617545&tmod=715259656&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.60db7mteexfr&fsb=1&dtd=217 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.travelaudience.com
aid.send.microad.jp
beacon.lynx.cognitivlabs.com
c1.adform.net
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
komkatkaj.org
pagead2.googlesyndication.com
pontiarmada.com
pr-bh.ybp.yahoo.com
px.owneriq.net
rtb.adentifi.com
s.tribalfusion.com
sync-tm.everesttech.net
t.adx.opera.com
tpc.googlesyndication.com
ums.acuityplatform.com
wingwah.fi
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.wingwah.fi
komkatkaj.org
pontiarmada.com
103.66.86.91
142.250.80.98
151.101.66.49
172.217.165.130
18.233.115.175
184.86.146.172
185.167.164.43
202.233.84.1
2600:1f18:4e9:5a02:a344:818b:7db4:692b
2606:4700::6812:18ad
2607:f8b0:4006:806::200a
2607:f8b0:4006:807::2002
2607:f8b0:4006:816::2003
2607:f8b0:4006:81e::2002
2607:f8b0:4006:822::2001
2607:f8b0:4006:822::2004
2607:f8b0:4006:823::2002
3.222.67.46
35.190.0.66
66.84.29.14
69.90.254.78
82.145.213.8
97.79.236.49
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d0b1e91944f4241ef9f7c99a4da1e1bc787d94e548857eab1652d3ffa232fad
0f98e39918d7987454506a2448811ff08f2792cea3fdc4034d194a04d641eafc
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1aeea8d11b236ae76a6639182a9e4d78329b7f2556278b0478ae580a04408cfb
202e902edab3aa57464705ebbd84a5f7587bb91a29b37b70efaa1995512fe9c3
2bd76ddaf7ae0f0f385a63b99e7fd64fc1a2b95d2a5d2c320977726423ed3b17
2bf29880f345c4c4ba1f43ba7395f57c285602edc36147070ee92387ccbc307a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32170b03598d2e20c2ddf443bc437d0fe8d3725c6b266596797cfa40284f898e
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d13d3c8345fc6d70140ee7190c7fd29ec6fa7b76281d68c87ff99fc9d1c4d3a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
469878f556e22380837f1140f73ce3aa9dc8797146fbee6ff60a85f47b01f7f8
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
53ead4069e4d0aa72b1696c9de76e6e8205fd764abb1c068a3ea0a72a3e25432
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b4127cabaa55d8a3b6341e8697d701544274c7a589d9f544c27ef0ea53f6766
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66a8366f22ba06d9af1c62cc271f744bc4939cd650648df0700f9b84a8749d2f
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6ce7875c819b155e23c71443be6153d3f6dc2d4cbee2168c97eff06b56ddddcc
74c939a897034cf9dbae1402c8b2a72d3c4251b99cf94a7aab5fb9f7b49d8b23
7764242e66805d5e0d0513ff74fd68f0737c764e5db5332ea2ada227fa8a6819
7bed9842dac019d677e56dd8ead0674a35c21b7a4d3c14dc85745d4a192044e6
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
8fb47e31feef060d3b2995361269b81521f8a9f04dec3054d0f210bf42671415
96eeed9796feb837c5252aa30a0606c2b6b814e4900c83d5638085d58ffd9634
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e091b45b424ecddca457f7f221e33ff745be0bd0dacb6219c13f91da0cb132c
9f5011c6f5ad27d378964813c0663f202d82f9347fdce631c41971a5cc6d88e7
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756
c0c7953a3dbcdf0ee58e12b0a733f067568071b8e454320a01fe0482a1d96706
c853a028d1b1cefa5217675986596f214186857f4e7edc1eec479f0e480d1433
cdb21af499d878b77941c804fbee93cd2d5a4e8e5b48caf47f9dd5d20a37155c
ce8ae6072812bd611e4235fdfc3f7af77580ab5d73bd247871b3b646ca5e414c
d5eb47ba7eb80ba4d2d717aeaf7d1544c9a6b8491c9af49dd56f06bf73f8bf67
d66cf04152b0c648a539d4092c7a457a477344076e85f393ea8a9ade990c02bc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d83534f90e5f60b286670b7111f7eb2a5fa43448808301574bf1b3782a46be52
e277fca4a2ba1aa7a9e8870c706364f1f2965b06a3f9dc8c88e8a3cf4bb8b622
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e594d43ef5e6a3b462f2b1d47c0b4fdbc1178df5b7e5046dff5d208262a042c2
eb3bcbbd76bcc408a91ea043d28c4e96bc03f7237255c8de6c181275c77736a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
f8e8edee1c959e254bbcb83b19fac6f3155bc8fb7e08359b379220e1eabdb8d3

wingwah.fi Open in urlscan Pro 97.79.236.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

84 %HTTPS

39 %IPv6

21 Domains

26 Subdomains

16 IPs

5 Countries

1186 kBTransfer

3237 kBSize

18 Cookies

1 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wingwah.fi Open in urlscan Pro
97.79.236.49 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

84 %
HTTPS

39 %
IPv6

21
Domains

26
Subdomains

16
IPs

5
Countries

1186 kB
Transfer

3237 kB
Size

18
Cookies

104 HTTP transactions
6 data transactions