wiratechmesin.com Open in urlscan Pro
172.96.191.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Effective URL:
https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Submission Tags: falconsandbox
Submission: On March 24 via api (March 24th 2022, 5:32:48 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 57 HTTP transactions. The main IP is 172.96.191.205, located in Singapore, Singapore and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is wiratechmesin.com.
TLS certificate: Issued by R3 on February 11th 2022. Valid for: 3 months.

This is the only time wiratechmesin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	172.96.191.205 172.96.191.205	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	172.104.175.51 172.104.175.51	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
57	21

13 172.96.191.205 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.205-static.reverse.arandomserver.com

wiratechmesin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.175.51 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1766-51.members.linode.com

wiratech.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	255 KB
13	wiratechmesin.com 1 redirects wiratechmesin.com	244 KB
8	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	13 KB
4	gstatic.com fonts.gstatic.com	85 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	26 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 fonts.googleapis.com — Cisco Umbrella Rank: 35	8 KB
2	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7435 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9702	48 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	37 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	648 B
1	wiratech.co.id wiratech.co.id	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	37 KB
57	15

	Domain	Requested by
13	wiratechmesin.com	1 redirects wiratechmesin.com
8	pagead2.googlesyndication.com	wiratechmesin.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	static.criteo.net	ads.eu.criteo.com
5	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	fonts.googleapis.com	ajax.googleapis.com cdnjs.cloudflare.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	wiratech.co.id	wiratechmesin.com
1	ajax.googleapis.com	wiratechmesin.com
1	www.googletagmanager.com	wiratechmesin.com
57	20

This site contains links to these domains. Also see Links.

Domain
wa.me
www.tokopedia.com
wiratech.co.id
url

Subject Issuer	Validity	Valid
wiratechmesin.com R3	`2022-02-11` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
wiratech.co.id R3	`2022-01-31` - `2022-05-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Frame ID: CBC4BF32AC3B697DD84389C5A7613CF5
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Frame ID: 7962EE95EE3BAEE89248C59CBB5F481B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6521200514466567&output=html&adk=1812271804&adf=3025194257&lmt=1648143163&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwiratechmesin.com%2Fmesinwiratech.com%2Fwp-content%2Fplugins%2Fw3-total-cache%2FSH79ku.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648143163617&bpp=2&bdt=299&idt=140&shv=r20220317&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2625230705202&frm=20&pv=2&ga_vid=1689363324.1648143164&ga_sid=1648143164&ga_hid=379852269&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065859%2C31063246%2C31064018&oid=2&pvsid=260885845344360&pem=684&tmod=868615225&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158
Frame ID: 83D3E8F994038A9F7ADEA8CFBBDD0800
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1
Frame ID: EBCE8EBC9E28ECCEF52F6AB54FBD8838
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjyrOwAOypMIFWNZAAmucZMM85Ad6hXXVZ0k4Q&u=%7Cd7Lx6T430AM75WCP0ugQE%2BWkvE9aeEZ4DGdG%2BChV6y4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdQ1Ng5qOnzppANVk_XeZ2_k6nNjQYcq5tIhLVHKvE3jChjShvRlvIPhbqOiz0G6q-CWcLKC3_otz52_k26huyhFibQHHZXS-be2fTX9LyPugOeDhH8kZotNOU_JGiBAo-ChM4wrBbuUmIXOVwCQG09XvjtjjFIDk0S7ur3L30Kl2kRgarMBD1p3S_9BDwT-GMfF0wz8rd6UttvWvBAFKiEcrMYI9sjN4JkLOI9CPQQOisBoX-lcDmhSTvXmOJmakynIN6_hkLlm0rnkhAPtmNPei4P9WFjEMzhoomx_S6YDwzC5CbdHz0QjZXQjTx7i2QwRvBzm9Z-54X06aG7KHvOjspVO5lRFfCaD2zWoE6DNTQYdQQv2oe7aFeXxwK0lW0Ehxm-FaPb9_iMqWkmq5hOr13zQxqj1tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJU5KO6s8YpOVO9nG1fAP8dymwAzJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTIxMjAwNTE0NDY2NTY3oAHVttLqA8gBCakCR_fvZ_dusj6oAwGqBP8BT9AOYYRis2n3MfyEVw_ivbpVFod1XkP7UxFcv5X2yv8ksJXSTwZpVlMANxIU0zmzZNSjV_Mcid0Xrkg9qRT445XrbvBNmC8Ilwyl4rXBShinzate0DrCjbvnZNBZLFrd0RAuAX53IDXAVrA_5TgVDYuAi7mgwluxB3UP8R8wifFnslkfwFwNFndWDhwnUzQRXKHlFbP5Omwvi_h1iPiOd4KaoL5ZLeunGhw_xpdRfrCvWZ3qhA8dgUiGfAwwpZjQKIQPl6jziGhXzTf6l6GKBcwnf-zBFFWwZRbElk3dMFId4doym_I0nyWp41dKpYVmsIKGhKBQ0gvVFU5r350WgAbqu9r5rquukeMBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2p7eUa_vkTvmijyGJehU8Q4uSa1g%26client%3Dca-pub-6521200514466567%26adurl%3D
Frame ID: 457DDC379BF1DE178E62CCCF4C4A9130
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2F96067C3395C1BEDD47F5C00DA85EAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BAA39D7F6B3B0BCDE530F27F5B75910B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - wiratechmesin

Page URL History Show full URLs

http://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html HTTP 301
https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Page Statistics

57
Requests

100 %
HTTPS

75 %
IPv6

15
Domains

20
Subdomains

21
IPs

4
Countries

781 kB
Transfer

2091 kB
Size

5
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/6282366300300
Title: <img src="https://wiratech.co.id/wp-content/uploads/2018/07/whatsapp-logo.svg" width="20" height="20" class="lazyloading" data-was-processed="true" alt="wa-service"> Chat with Us:082366 300 300

Search URL Search Domain Scan URL

URL: https://www.tokopedia.com/wiratechplastik/review/
Title: Review di Tokopedia

Search URL Search Domain Scan URL

URL: https://wiratech.co.id/download-katalog/
Title: Download Katalog

Search URL Search Domain Scan URL

URL: https://wiratech.co.id/product/kursus-bakso/
Title: Kursus Bakso

Search URL Search Domain Scan URL

URL: https://wiratech.co.id/testimonial/
Title: Testimonial

Search URL Search Domain Scan URL

URL: https://wiratech.co.id/cara-belanja/
Title: Cara Belanja

Search URL Search Domain Scan URL

URL: https://wiratech.co.id/delivery/
Title: Delivery

Search URL Search Domain Scan URL

URL: https://wiratech.co.id/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://wiratech.co.id/karir/
Title: Karir

Search URL Search Domain Scan URL

URL: https://wiratech.co.id/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://wiratech.co.id/delivery
Title: Delivery

Search URL Search Domain Scan URL

URL: http://url/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html HTTP 301
https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request SH79ku.html Show response
wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/
Redirect Chain

http://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html

233 KB
51 KB

1156ms
821ms

Document
text/html

172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 05add8cbfe17d9fd4dd99b28790a0495988976926200f68827812b2c7bf21a4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wiratechmesin.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
date: Thu, 24 Mar 2022 17:32:42 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
content-length: 0
date: Thu, 24 Mar 2022 17:32:41 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 136ms
50ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-55034506-25

Requested by

Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a65896a95c3f0c95d853f19eded1e96ac811b73ff00d78ec833b522ce36ab54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37165
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 16:31:56 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Mar 2022 17:32:43 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 19:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 19:37:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 151ms
64ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f93a3444ac49bbd745cb7bf5eaef709bb7513f3582adfa0cb0c04dd7e76023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53934
x-xss-protection: 0
server: cafe
etag: 6713806924035187617
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Mar 2022 17:32:43 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cc2cea06730cc4a3f209d576546115f6c20d0c048c1e37ee92e6209e4101b7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fl-icons.woff2
wiratechmesin.com/wp-content/themes/flatsome/assets/css/icons/ 5 KB
6 KB 168ms
168ms Font
font/woff2 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f9ddd585e9e65c686ae9ea771a5c9ec9cb17445fe27e8ff68cfb77750fb8cd0e

Request headers

Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Origin: https://wiratechmesin.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
last-modified: Fri, 15 Nov 2019 07:00:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 5496
expires: Fri, 22 Jul 2022 17:32:43 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e5795e3dc340124711dd81d49d02bf3931096305840a800c22d829baba2915a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 lazysizes.min.js Show response
wiratechmesin.com/wp-content/plugins/autoptimize/classes/external/js/ 9 KB
4 KB 172ms
170ms Script
application/javascript 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.1
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f49e5eccbf420949ddb76cfa2ca1430c8f733b06fb2a35d8fed1182b41613530

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: br
last-modified: Thu, 01 Apr 2021 01:40:14 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 3907
expires: Fri, 24 Mar 2023 17:32:43 GMT

GET
H2 200 wp-polyfill.min.js Show response
wiratechmesin.com/wp-includes/js/dist/vendor/ 97 KB
32 KB 181ms
178ms Script
application/javascript 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: br
last-modified: Thu, 01 Apr 2021 02:15:39 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 32625
expires: Fri, 24 Mar 2023 17:32:43 GMT

GET
H2 200 hooks.min.js Show response
wiratechmesin.com/wp-includes/js/dist/ 7 KB
2 KB 179ms
177ms Script
application/javascript 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/wp-includes/js/dist/hooks.min.js
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: br
last-modified: Fri, 10 Sep 2021 05:41:46 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 2214
expires: Fri, 24 Mar 2023 17:32:43 GMT

GET
H2 200 i18n.min.js Show response
wiratechmesin.com/wp-includes/js/dist/ 10 KB
4 KB 178ms
176ms Script
application/javascript 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/wp-includes/js/dist/i18n.min.js
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 584d623ec3125bfc106a88a57bfccb15faf6ec72547191f81b894612ad910cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: br
last-modified: Fri, 10 Sep 2021 05:41:46 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 3721
expires: Fri, 24 Mar 2023 17:32:43 GMT

GET
H2 200 lodash.min.js Show response
wiratechmesin.com/wp-includes/js/dist/vendor/ 71 KB
25 KB 173ms
172ms Script
application/javascript 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/wp-includes/js/dist/vendor/lodash.min.js
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: br
last-modified: Thu, 01 Apr 2021 02:15:39 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 25093
expires: Fri, 24 Mar 2023 17:32:43 GMT

GET
H2 200 url.min.js Show response
wiratechmesin.com/wp-includes/js/dist/ 9 KB
3 KB 178ms
177ms Script
application/javascript 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/wp-includes/js/dist/url.min.js
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f37005a1dab16d395a5a678b500f00e1c08ee293d2aa940be9b82b1504e27989

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: br
last-modified: Fri, 11 Mar 2022 05:14:28 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 2981
expires: Fri, 24 Mar 2023 17:32:43 GMT

GET
H2 200 api-fetch.min.js Show response
wiratechmesin.com/wp-includes/js/dist/ 12 KB
3 KB 177ms
177ms Script
application/javascript 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/wp-includes/js/dist/api-fetch.min.js
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 601be129c09bdbb9d98f8f14521bd693a0569aaa88a1b3e2b526f47210240c63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: br
last-modified: Fri, 10 Sep 2021 05:41:46 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 3308
expires: Fri, 24 Mar 2023 17:32:43 GMT

GET
H2 200 autoptimize_5b8f8238ee8ea6eb769bc25ca2cd4258.js Show response
wiratechmesin.com/wp-content/cache/autoptimize/js/ 283 KB
84 KB 179ms
178ms Script
application/javascript 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/wp-content/cache/autoptimize/js/autoptimize_5b8f8238ee8ea6eb769bc25ca2cd4258.js
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: de69772f0fb7c412518111501ce7110d85d2dd1cdc4ea5103fa587a6bea9bdd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 11:46:03 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=30672000,public, immutable,public
accept-ranges: bytes
content-length: 86279
expires: Tue, 14 Mar 2023 17:32:43 GMT

GET
H2 200 ccw.ttf
wiratechmesin.com/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/fonts/ 2 KB
2 KB 176ms
176ms Font
font/ttf 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://wiratechmesin.com/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/fonts/ccw.ttf
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 9da301db94f4c2438eb49b32dcdd294c136d202e477decc8788b0ba04baa14a3

Request headers

Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Origin: https://wiratechmesin.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
last-modified: Thu, 01 Apr 2021 01:40:33 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=10368000,public
accept-ranges: bytes
content-length: 2084
expires: Fri, 22 Jul 2022 17:32:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55034506-25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7073
date: Thu, 24 Mar 2022 15:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Mar 2022 17:34:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 129ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular,700%7CLato:regular,400%7CLato:regular,700%7CDancing+Script:regular,400

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90d19cf4b19b780727737eac6cf7792da501a162b1de21202702447181bc126c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 17:27:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Mar 2022 17:32:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Mar 2022 17:32:43 GMT

GET
H2 200 WhatsApp-Image-2019-07-05-at-10.51.19-AM.jpeg
wiratechmesin.com/wp-content/uploads/ 28 KB
28 KB 304ms
303ms Image
image/jpeg 172.96.191.205
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wiratechmesin.com/wp-content/uploads/WhatsApp-Image-2019-07-05-at-10.51.19-AM.jpeg
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.205 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.205-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 8cd375c6c62963c6c8229bc092d311c0d5033486077e99f0f8f25ab5020b2e8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
last-modified: Fri, 15 Nov 2019 07:00:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
content-length: 28237
expires: Fri, 22 Jul 2022 17:32:43 GMT

GET
H2 200 whatsapp-logo.svg
wiratech.co.id/wp-content/uploads/2018/07/ 2 KB
1 KB 566ms
169ms Image
image/svg+xml 172.104.175.51
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wiratech.co.id/wp-content/uploads/2018/07/whatsapp-logo.svg
Requested by: Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.175.51 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1766-51.members.linode.com
Software: Apache /
Resource Hash: 73ab81e524dcb76a8b1510463528258c4f85f2113dce78e11c438cc438fd8b88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: gzip
last-modified: Wed, 11 Jul 2018 09:50:13 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1196

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/ 297 KB
107 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6521200514466567&plah=wiratechmesin.com&bust=31065859

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7df046c84f69023be8e085feebb53994892e886ff13b8cb311293a5eb1ad6a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109418
x-xss-protection: 0
server: cafe
etag: 5982640233714985484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Mar 2022 17:32:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/ Frame 7962 10 KB
5 KB 348ms
39ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 23 Mar 2022 23:27:16 GMT
expires: Wed, 06 Apr 2022 23:27:16 GMT
cache-control: public, max-age=1209600
age: 65127
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 310ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700%7CLato:regular,400%7CLato:regular,700%7CDancing+Script:regular,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wiratechmesin.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 79332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:30:31 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 362ms
93ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700%7CLato:regular,400%7CLato:regular,700%7CDancing+Script:regular,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wiratechmesin.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 79333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:30:30 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 93ms
46ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=379852269&t=pageview&_s=1&dl=https%3A%2F%2Fwiratechmesin.com%2Fmesinwiratech.com%2Fwp-content%2Fplugins%2Fw3-total-cache%2FSH79ku.html&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20wiratechmesin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1198675882&gjid=812306627&cid=1689363324.1648143164&tid=UA-55034506-25&_gid=74354569.1648143164&_r=1&gtm=2ou3e0&z=264894618

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wiratechmesin.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 17:32:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wiratechmesin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
fonts.gstatic.com/s/dancingscript/v22/ 23 KB
23 KB 328ms
75ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dancingscript/v22/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700%7CLato:regular,400%7CLato:regular,700%7CDancing+Script:regular,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a38ccdde053e04b0ca3145abfd9198deccde79dc94ce1f8296defe8d5bc20968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wiratechmesin.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 18:22:06 GMT
x-content-type-options: nosniff
age: 83437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:45:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 18:22:06 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
648 B 225ms
48ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=wiratechmesin.com&callback=_gfp_s_&client=ca-pub-6521200514466567

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6521200514466567&plah=wiratechmesin.com&bust=31065859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1a80873bac4b3fe1bb126e90861bb72f868a5da3e93743a64036d1d4a277bc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 220ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wiratechmesin.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 221ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wiratechmesin.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Mar 2022 17:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwiratechmesin.com%2Fmesinwiratech.com%2Fwp-content%2Fplugins%2Fw3-total-cache%2FSH79ku.html&tn=DIV&id=style-6&cls=chatbot%20btn_only_style_div_circle%20pointer%20ccw-analytics%20animated%20no-animation%20ccw-no-hover-an&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: wiratechmesin.com
URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 17:32:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83D3 68 KB
17 KB 471ms
469ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6521200514466567&output=html&adk=1812271804&adf=3025194257&lmt=1648143163&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwiratechmesin.com%2Fmesinwiratech.com%2Fwp-content%2Fplugins%2Fw3-total-cache%2FSH79ku.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648143163617&bpp=2&bdt=299&idt=140&shv=r20220317&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2625230705202&frm=20&pv=2&ga_vid=1689363324.1648143164&ga_sid=1648143164&ga_hid=379852269&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065859%2C31063246%2C31064018&oid=2&pvsid=260885845344360&pem=684&tmod=868615225&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3854109091367ad2ccc898946627288ec558dc9c5b7f406d44996b83f36c1a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Mar 2022 17:32:44 GMT
server: cafe
content-length: 17093
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Mar 2022 17:32:44 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 108ms
61ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220317&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f4a3a3437ee2d308481f94ece9dab7f92516040ae78ba263c11f96ef54ddeeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10665
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/ 145 KB
51 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/reactive_library_fy2019.js?bust=31065859

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8919266923f992a0a6b54655d2d56a0866953b5266304c22a8a5a0c55127eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52589
x-xss-protection: 0
server: cafe
etag: 14381602128732167386
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Mar 2022 17:32:44 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 91ms
46ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wiratechmesin.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 98ms
51ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wiratechmesin.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/ Frame EBCE 10 KB
4 KB 87ms
39ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 23 Mar 2022 22:59:20 GMT
expires: Wed, 06 Apr 2022 22:59:20 GMT
cache-control: public, max-age=1209600
age: 66804
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 162ms
76ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 17:32:44 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 457D 147 KB
48 KB 142ms
108ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjyrOwAOypMIFWNZAAmucZMM85Ad6hXXVZ0k4Q&u=%7Cd7Lx6T430AM75WCP0ugQE%2BWkvE9aeEZ4DGdG%2BChV6y4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdQ1Ng5qOnzppANVk_XeZ2_k6nNjQYcq5tIhLVHKvE3jChjShvRlvIPhbqOiz0G6q-CWcLKC3_otz52_k26huyhFibQHHZXS-be2fTX9LyPugOeDhH8kZotNOU_JGiBAo-ChM4wrBbuUmIXOVwCQG09XvjtjjFIDk0S7ur3L30Kl2kRgarMBD1p3S_9BDwT-GMfF0wz8rd6UttvWvBAFKiEcrMYI9sjN4JkLOI9CPQQOisBoX-lcDmhSTvXmOJmakynIN6_hkLlm0rnkhAPtmNPei4P9WFjEMzhoomx_S6YDwzC5CbdHz0QjZXQjTx7i2QwRvBzm9Z-54X06aG7KHvOjspVO5lRFfCaD2zWoE6DNTQYdQQv2oe7aFeXxwK0lW0Ehxm-FaPb9_iMqWkmq5hOr13zQxqj1tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJU5KO6s8YpOVO9nG1fAP8dymwAzJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTIxMjAwNTE0NDY2NTY3oAHVttLqA8gBCakCR_fvZ_dusj6oAwGqBP8BT9AOYYRis2n3MfyEVw_ivbpVFod1XkP7UxFcv5X2yv8ksJXSTwZpVlMANxIU0zmzZNSjV_Mcid0Xrkg9qRT445XrbvBNmC8Ilwyl4rXBShinzate0DrCjbvnZNBZLFrd0RAuAX53IDXAVrA_5TgVDYuAi7mgwluxB3UP8R8wifFnslkfwFwNFndWDhwnUzQRXKHlFbP5Omwvi_h1iPiOd4KaoL5ZLeunGhw_xpdRfrCvWZ3qhA8dgUiGfAwwpZjQKIQPl6jziGhXzTf6l6GKBcwnf-zBFFWwZRbElk3dMFId4doym_I0nyWp41dKpYVmsIKGhKBQ0gvVFU5r350WgAbqu9r5rquukeMBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2p7eUa_vkTvmijyGJehU8Q4uSa1g%26client%3Dca-pub-6521200514466567%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cad8e288fca1dc35175d760cf34e63c29878201d9d8bc09251d4e2f13dfc9530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=H1cM-Rtjoh-ycPDr-WihY7g38MhDaoii5XIfwdQCnkw_NN6mZC7jmO2Dm3N4jQTLbWAQ5hdwvUrnSMLRJWtl46OX4jkzGDCEbfLZTElSdEk2k8F_ys0Q7X9eEd3Y9c3UBuejvd9d636fxWdbdlJx0Qmx3l2T3_rOPvuZ7WTPNm1y0swObD3JPh5ndBKoIeJEiSQMtxfKc_sLUC8uFTpTmMMqLAur0MK8-RR6BZOu2syrQNwpoTwrdE51p25rF6ZfsM0H1g"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 87878125
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame EBCE 2 KB
2 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 17:30:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBCE 119 KB
37 KB 146ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 17:32:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame EBCE 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 17:30:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2F96 13 KB
5 KB 82ms
36ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 13:35:12 GMT
expires: Fri, 24 Mar 2023 13:35:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 14252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BAA3 783 B
1 KB 134ms
48ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dce30f2a5dca516e2ac56d1dc047f5be6dd0ea35516ef72d4219da4bfee81ca2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/4LYXY7LElZRJIh5rzr3Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 24 Mar 2022 17:32:44 GMT
date: Thu, 24 Mar 2022 17:32:44 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-/4LYXY7LElZRJIh5rzr3Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 457D 2 KB
1 KB 52ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjyrOwAOypMIFWNZAAmucZMM85Ad6hXXVZ0k4Q&u=%7Cd7Lx6T430AM75WCP0ugQE%2BWkvE9aeEZ4DGdG%2BChV6y4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdQ1Ng5qOnzppANVk_XeZ2_k6nNjQYcq5tIhLVHKvE3jChjShvRlvIPhbqOiz0G6q-CWcLKC3_otz52_k26huyhFibQHHZXS-be2fTX9LyPugOeDhH8kZotNOU_JGiBAo-ChM4wrBbuUmIXOVwCQG09XvjtjjFIDk0S7ur3L30Kl2kRgarMBD1p3S_9BDwT-GMfF0wz8rd6UttvWvBAFKiEcrMYI9sjN4JkLOI9CPQQOisBoX-lcDmhSTvXmOJmakynIN6_hkLlm0rnkhAPtmNPei4P9WFjEMzhoomx_S6YDwzC5CbdHz0QjZXQjTx7i2QwRvBzm9Z-54X06aG7KHvOjspVO5lRFfCaD2zWoE6DNTQYdQQv2oe7aFeXxwK0lW0Ehxm-FaPb9_iMqWkmq5hOr13zQxqj1tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJU5KO6s8YpOVO9nG1fAP8dymwAzJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTIxMjAwNTE0NDY2NTY3oAHVttLqA8gBCakCR_fvZ_dusj6oAwGqBP8BT9AOYYRis2n3MfyEVw_ivbpVFod1XkP7UxFcv5X2yv8ksJXSTwZpVlMANxIU0zmzZNSjV_Mcid0Xrkg9qRT445XrbvBNmC8Ilwyl4rXBShinzate0DrCjbvnZNBZLFrd0RAuAX53IDXAVrA_5TgVDYuAi7mgwluxB3UP8R8wifFnslkfwFwNFndWDhwnUzQRXKHlFbP5Omwvi_h1iPiOd4KaoL5ZLeunGhw_xpdRfrCvWZ3qhA8dgUiGfAwwpZjQKIQPl6jziGhXzTf6l6GKBcwnf-zBFFWwZRbElk3dMFId4doym_I0nyWp41dKpYVmsIKGhKBQ0gvVFU5r350WgAbqu9r5rquukeMBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2p7eUa_vkTvmijyGJehU8Q4uSa1g%26client%3Dca-pub-6521200514466567%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Mar 2023 17:32:44 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 457D 2 KB
1 KB 55ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Mar 2023 17:32:44 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 457D 308 B
637 B 50ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 19 Mar 2023 17:32:44 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 457D 507 B
835 B 59ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sun, 19 Mar 2023 17:32:44 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 457D 43 B
348 B 55ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=L6DEUoGRxvkZO74yrx0jG_0BgWPCiiQNm_pkvGZshNg4DXiH3kVPsO2_Fj5r7p8R6cLdfdWG4i_uWJcsCImrR7ONFbcehWKm4fKTYmUJEoz1m43ZwtYx8-KH_AXIiVhAHri01xvEEr70dQTRc8Bft_d3Fa4JvwjQvWkg_rt5fN83ZUFcyBFW72OU_QyEYD9Trm1Pqaz922_Flm1jkLrbwvkzpKzeHGywD5O2szhWzQHbNFB8AvsEZl4w1AG3JZ0QM3Zg2hjwIYrAr2OXp52wVkus5ej1wnyffaTikjH0zvMWkULfYU1d_pAPhXxMa7aeRCsZlAjlkhc-hwJsC642lUvqaGB_O33g-aRCoj2UkYpwcPnWRXSFMU0v4YO4MXiCgyRaY7kz6gVpR5hWpY6qihOqD2ED0XJ3H6WrbrtUXD2u99jdBSKGKlleYd6luNbV2SLHrQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 17:32:44 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3139994
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 457D 12 KB
5 KB 55ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1967666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgrlCWw%2Btirn8NC0FxiOQOL65nhZQkRMMaM8sv47GCXn0SfIgqXcOvy3gPeCbWWQ34LeQGRP1BNhFcdAnEiU4uVL1YAy3XVCyoRQLw0frjMupA7nbvxk2o0MmUBFkjBbzwjFzymy0gvpF5AcZvhLva0E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f1125dc2c2b9162-FRA
expires: Tue, 14 Mar 2023 17:32:44 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 457D 12 KB
6 KB 34ms
15ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Mar 2023 17:32:44 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 457D 0
128 B 65ms
25ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=H1cM-Rtjoh-ycPDr-WihY7g38MhDaoii5XIfwdQCnkw_NN6mZC7jmO2Dm3N4jQTLbWAQ5hdwvUrnSMLRJWtl46OX4jkzGDCEbfLZTElSdEk2k8F_ys0Q7X9eEd3Y9c3UBuejvd9d636fxWdbdlJx0Qmx3l2T3_rOPvuZ7WTPNm1y0swObD3JPh5ndBKoIeJEiSQMtxfKc_sLUC8uFTpTmMMqLAur0MK8-RR6BZOu2syrQNwpoTwrdE51p25rF6ZfsM0H1g&sds=2&rev=80956&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Mar 2022 17:32:43 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 457D 2 KB
1 KB 38ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Mar 2023 17:32:44 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 457D 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:44 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Mar 2023 17:32:44 GMT

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F96 35 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 17:30:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 457D 2 KB
560 B 91ms
46ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1ea27fdcd7685662aafddcb85508914ec4dbeecfb6525a81e1e7976f385419b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 17:18:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Mar 2022 17:32:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Mar 2022 17:32:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BAA3 0
0 102ms
101ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220317&jk=260885845344360&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2F96 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Xl5fTg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:32:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/ Frame 457D 15 KB
15 KB 87ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:30:27 GMT
x-content-type-options: nosniff
age: 79338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220317&jk=260885845344360&bg=!NDelN3PNAAba2mK92to7ACkAdvg8WiRA3e6KWf3drInQYCamzQvsDsAZEjPPdfH2_5H8RdaFeypokwIAAABdUgAAAAJoAQcKAJ8sIa0bMQajDWsmpyIsgerhuxeXc-Mtt8yxPljk2XArzPerI441o8jagmhK3eNGgggFokS-DEtodPhEVQCYXLB1yG1tKngcv5NuTLZ3fH8HSxal4HdzzBkS0hW5NMybVgfNE9vu9j1J7K-zm9JnTsSMD-3UQgonQYqOfpPfX_wNkFKSYs-wXiD6FAqeA3dUrfD8Zm6TSiZA55TccTnVxUaZAs6PL6SUcRyLl6yUDmEXON3kqT0bPB2ukLRaO9w8G9BGWpUiL5vdc0xvDU8zzAosGiirH565hJh4yCJWmwOVGMgszLIRleKD6rF1NT4bPh5z1nYBCY-sy3D-cjo1X9Qxv76Nzp0P1EWr4r-bMJsOLB7c9t1AZTrEsXLOes6WhLQkkvxdbjKvGUh8B1RDbi9euu1SC1LW6K8jwcTvqxQxKnzKKgna3yKoBumfuY8PH6HyUIUGNSHhzp8DiWv5Oe-MFw6VnMXUIC53DSTR9p9rZ6R8x_V6whFsclJaiFcExg5KWcNlC3qi8PS8-h-ziSq7q3meQmvQsHiFQfx_9kwtkN3cDvNo6PIFHQe7k_6qlF2eOFAAwZA1AczWCpeDlDlIMWEQ5_z90-CJ_OVc0vdyXRkG2hLrFbROpTxt5bFUvgV53RdBM8nSUnNRhfwFjGQP7Vn79dU9kZdyhyIuRpOC96HLdxZL2vZd7NDKqsJz8tA0k9CLhiYBBGBlRdt2eZZv0a04CzXeKCXFIPrOoIYjTr6uH6ishSDrpB3Wyr6MygAz-KGUTx8Mb84jBGBuOyI8Mshg4pmT6Q7n4sbMCgEOQJx16JIz3OL0IogzX6JRhdzuweUjdILCUCSrYl2IYXVnb0SuHWO2WUBAK34EE048LHPQ3Qmr8S-co0oLUb3MhhSRZ3yeJrSdLCR5fMY_ye5Ux1iGDTttu_76X9IIh8agU1XMXbUXFKEAHD6TJNzOYFefEe1dnzR1dMyTvizSm_-HhbhpwzSTOiYInYqEHxkMv8cjWfaEPxFN4CUVaBGyxrOShBa29xU_PpXBqkGWEjTYCyBNwf6Tt3HvLezIApfBIEOtZWnj35mG-Izrv1GYKiBrKFt5JROAaTJYYC8A3XlHAsPb8TgMavUjWkmw5mslUuRvfvPntxKG5KQKZOFbfYu01TdULiR2aa-8dJRu80mu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wiratechmesin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 17:32:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wiratechmesin.com/	1970-01-20 19:20:15	Name: _ga Value: GA1.2.1689363324.1648143164
.wiratechmesin.com/	1970-01-20 01:50:29	Name: _gid Value: GA1.2.74354569.1648143164
.wiratechmesin.com/	1970-01-20 01:49:03	Name: _gat_gtag_UA_55034506_25 Value: 1
.wiratechmesin.com/	1970-01-20 11:10:39	Name: __gads Value: ID=ccf365838db812f1-22dee65464cd009a:T=1648143163:RT=1648143163:S=ALNI_MbfcJg5z8Zai1NlmRFRGLjVBrb_GA
.doubleclick.net/	1970-01-20 01:49:04	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wiratechmesin.com/mesinwiratech.com/wp-content/plugins/w3-total-cache/SH79ku.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
static.criteo.net
tpc.googlesyndication.com
wiratech.co.id
wiratechmesin.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.181.226
172.104.175.51
172.96.191.205
178.250.0.160
178.250.2.150
2606:4700::6810:125e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a02:2638::3
2a02:2638::b
05add8cbfe17d9fd4dd99b28790a0495988976926200f68827812b2c7bf21a4f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
1a80873bac4b3fe1bb126e90861bb72f868a5da3e93743a64036d1d4a277bc0c
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
2a65896a95c3f0c95d853f19eded1e96ac811b73ff00d78ec833b522ce36ab54
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
3854109091367ad2ccc898946627288ec558dc9c5b7f406d44996b83f36c1a77
3f93a3444ac49bbd745cb7bf5eaef709bb7513f3582adfa0cb0c04dd7e76023a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
584d623ec3125bfc106a88a57bfccb15faf6ec72547191f81b894612ad910cc1
5e5795e3dc340124711dd81d49d02bf3931096305840a800c22d829baba2915a
601be129c09bdbb9d98f8f14521bd693a0569aaa88a1b3e2b526f47210240c63
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73ab81e524dcb76a8b1510463528258c4f85f2113dce78e11c438cc438fd8b88
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
7df046c84f69023be8e085feebb53994892e886ff13b8cb311293a5eb1ad6a37
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8cd375c6c62963c6c8229bc092d311c0d5033486077e99f0f8f25ab5020b2e8e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f4a3a3437ee2d308481f94ece9dab7f92516040ae78ba263c11f96ef54ddeeb
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90d19cf4b19b780727737eac6cf7792da501a162b1de21202702447181bc126c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9cc2cea06730cc4a3f209d576546115f6c20d0c048c1e37ee92e6209e4101b7d
9da301db94f4c2438eb49b32dcdd294c136d202e477decc8788b0ba04baa14a3
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a38ccdde053e04b0ca3145abfd9198deccde79dc94ce1f8296defe8d5bc20968
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cad8e288fca1dc35175d760cf34e63c29878201d9d8bc09251d4e2f13dfc9530
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
dce30f2a5dca516e2ac56d1dc047f5be6dd0ea35516ef72d4219da4bfee81ca2
de69772f0fb7c412518111501ce7110d85d2dd1cdc4ea5103fa587a6bea9bdd1
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1ea27fdcd7685662aafddcb85508914ec4dbeecfb6525a81e1e7976f385419b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8919266923f992a0a6b54655d2d56a0866953b5266304c22a8a5a0c55127eb7
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
f37005a1dab16d395a5a678b500f00e1c08ee293d2aa940be9b82b1504e27989
f49e5eccbf420949ddb76cfa2ca1430c8f733b06fb2a35d8fed1182b41613530
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f9ddd585e9e65c686ae9ea771a5c9ec9cb17445fe27e8ff68cfb77750fb8cd0e
fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837

wiratechmesin.com Open in urlscan Pro 172.96.191.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

75 %IPv6

15 Domains

20 Subdomains

21 IPs

4 Countries

781 kBTransfer

2091 kBSize

5 Cookies

12 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wiratechmesin.com Open in urlscan Pro
172.96.191.205 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

75 %
IPv6

15
Domains

20
Subdomains

21
IPs

4
Countries

781 kB
Transfer

2091 kB
Size

5
Cookies

57 HTTP transactions
2 data transactions