pontiarmada.com Open in urlscan Pro
66.84.29.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/statistics
Effective URL:
http://pontiarmada.com/
Submission: On February 17 via api (February 17th 2024, 10:29:47 pm UTC) from US — Scanned from US

Summary HTTP 179 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 19 domains to perform 179 HTTP transactions. The main IP is 66.84.29.14, located in United States and belongs to WEBINT, US. The main domain is pontiarmada.com.

This is the only time pontiarmada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	41.221.145.2 41.221.145.2	36986 (AINET) (AINET)
1	162.215.118.10 162.215.118.10	() ()
21	66.84.29.14 66.84.29.14	11989 (WEBINT) (WEBINT)
32	2607:f8b0:400... 2607:f8b0:4004:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
2 13	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c09::8b	15169 (GOOGLE) (GOOGLE)
6	2600:1408:540... 2600:1408:5400:23::b819:7f4b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
36	2607:f8b0:400... 2607:f8b0:4004:c06::84	15169 (GOOGLE) (GOOGLE)
3 5	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	68.67.160.117 68.67.160.117	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2607:f8b0:400... 2607:f8b0:4004:c06::71	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
7	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4004:c09::95	15169 (GOOGLE) (GOOGLE)
2	142.251.167.149 142.251.167.149	15169 (GOOGLE) (GOOGLE)
1 2	3.162.3.20 3.162.3.20	16509 (AMAZON-02) (AMAZON-02)
1 2	23.48.104.104 23.48.104.104	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.161.213.115 3.161.213.115	16509 (AMAZON-02) (AMAZON-02)
1	2600:1402:880... 2600:1402:8800::1728:cd8a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::69	15169 (GOOGLE) (GOOGLE)
179	26

1 41.221.145.2 (Zimbabwe)

ASN36986 (AINET, ZW)
PTR: afrihost.ai.co.zw

lazarus.co.zw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.215.118.10 (United States)

ASN- ()
PTR: 162-215-118-10.unifiedlayer.com

redirect4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 66.84.29.14 (United States)

ASN11989 (WEBINT, US)
PTR: vmcp124.myhostcenter.com

pontiarmada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c08::9d (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c09::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1408:5400:23::b819:7f4b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.122.156 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.117 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c06::71 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c09::95 (Washington, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.149 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.3.20 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-20.yul62.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.104.104 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-104-104.deploy.static.akamaitechnologies.com

count.schwab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.213.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-115.yul62.r.cloudfront.net

tag.researchnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1402:8800::1728:cd8a (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::69 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	1 MB
21	pontiarmada.com pontiarmada.com	564 KB
20	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 bid.g.doubleclick.net — Cisco Umbrella Rank: 1015 ad.doubleclick.net — Cisco Umbrella Rank: 149	196 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	116 KB
13	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 580 rtb0.doubleverify.com — Cisco Umbrella Rank: 1079 tps.doubleverify.com — Cisco Umbrella Rank: 629 tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1721	231 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	148 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659 www.google.com — Cisco Umbrella Rank: 2	71 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	3 KB
2	schwab.com 1 redirects count.schwab.com — Cisco Umbrella Rank: 7819	846 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 192	723 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	151 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1737	63 KB
1	researchnow.com tag.researchnow.com — Cisco Umbrella Rank: 3418	434 B
1	redirect4.xyz redirect4.xyz	464 B
1	lazarus.co.zw lazarus.co.zw	366 B
179	19

	Domain	Requested by
36	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com www.gstatic.com pontiarmada.com pagead2.googlesyndication.com
32	pagead2.googlesyndication.com	pontiarmada.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com bid.g.doubleclick.net lazarus.co.zw
21	pontiarmada.com	pontiarmada.com
14	s0.2mdn.net	lazarus.co.zw s0.2mdn.net googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	www.gstatic.com	googleads.g.doubleclick.net
6	cdn.doubleverify.com	googleads.g.doubleclick.net cdn.doubleverify.com lazarus.co.zw s0.2mdn.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	tpsc-ue1.doubleverify.com	cdn.doubleverify.com
4	www.googleadservices.com	pontiarmada.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	count.schwab.com	1 redirects googleads.g.doubleclick.net
2	sb.scorecardresearch.com	1 redirects googleads.g.doubleclick.net
2	ad.doubleclick.net	lazarus.co.zw
2	tps.doubleverify.com	cdn.doubleverify.com
2	www.googletagmanager.com	pontiarmada.com www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	code.createjs.com	s0.2mdn.net
1	tag.researchnow.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	redirect4.xyz
1	lazarus.co.zw
179	28

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
*.researchnow.com Amazon RSA 2048 M03	`2023-09-13` - `2024-10-11`	a year	crt.sh
tls.adobe.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-12` - `2025-02-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 23 frames:

Primary Page: http://pontiarmada.com/
Frame ID: B57D807C14310F4EF9993AD2D4CEE343
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: AA9AD2A56C66A017A0B7A484015ACB36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3025194257&lmt=1708208979&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=http%3A%2F%2Fpontiarmada.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&dt=1708208979528&bpp=5&bdt=335&idt=245&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8137725721193&frm=20&pv=2&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=264
Frame ID: E01226AC0F7F686363EF401DF8BF02DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=2228552213&adk=2194237227&adf=3958522997&pi=t.ma~as.2228552213&w=710&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=710x280&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708208979533&bpp=2&bdt=339&idt=267&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=273
Frame ID: 76B630AF36D6FAD1FE732E195CB28996
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=2228552213&adk=2516452882&adf=2690042729&pi=t.ma~as.2228552213&w=710&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=710x280&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708208979535&bpp=1&bdt=342&idt=279&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=1128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=284
Frame ID: 9C145CE4F7C55C7715E0BDED3F3E3658
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=2228552213&adk=2998976164&adf=153553307&pi=t.ma~as.2228552213&w=710&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=710x280&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=292&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=1884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=297
Frame ID: 6750529A06DB09B413109C2D306D17CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=305&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=310
Frame ID: 2439F92785D779C387C5D11136F0466D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=5884375634&adk=803844250&adf=3733193884&pi=t.ma~as.5884375634&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979538&bpp=1&bdt=345&idt=317&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280%2C310x250&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=321
Frame ID: E33E3DE28C76AD6AFBF0383104D9B47E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIYBEM3zNhjk-rCBAjAB&v=APEucNWzD29XF5y-6hZMNNVPNDASfNcHpQ-245bKX2hr5lx-pxKMJMfITW-8EtY88pQbBGnjMGKrlEMKuqyKa0qwz1pYHzSV3Q
Frame ID: B2B4EF923E2A3A767770527E705BDEEE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B62D5DAC75796B44400A34ABF9521686
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 416DCBCDC75355059FCC3C1648067814
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1DD8EC8652DF713527341599E5F0826A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B6F2B2CAB7225BB362565E45E878870E
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: F9A9E0BD5E5FE2BFF46B5141B4D1615C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 4C0C6D985473C61E91A4D0F4D05562C7
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
Frame ID: 658400F5A6ABD8D85F71074E215FEAC0
Requests: 19 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5440.js
Frame ID: E7DEEF3FDB7AD5D1EFEA9004A171DB77
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: 9B9C7B863B26404B936C0F7686C82C51
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
Frame ID: FFC07C2DEFF5EFE51D261D6E9B868822
Requests: 14 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5440.js
Frame ID: B9D64C3E64CD9D311A3C5B0A55A6E21C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: 922DBF49FD7C97679636086CB8834C1C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B9CE99C3F5181FF20C2881B78164417
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0BE436876546E950B5B6F18A51EBE97
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SPORT NEWS – pontiarmada.com

Page URL History Show full URLs

http://lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/statistics Page URL
http://redirect4.xyz/ Page URL
http://pontiarmada.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

179
Requests

82 %
HTTPS

52 %
IPv6

19
Domains

28
Subdomains

26
IPs

3
Countries

2614 kB
Transfer

6480 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/statistics Page URL
http://redirect4.xyz/ Page URL
http://pontiarmada.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOr8kJRSXwJImEXiYxbkEPY&google_cver=1

Request Chain 46

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEzVEt3ubsAAGHHAA8FcAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOr8kJRSXwJImEXiYxbkEPY&google_cver=1

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF2pOycHdNghUlUa2G3CI2g&google_cver=1

Request Chain 48

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwNDk5MTA4OTU3ODYzMjQ1Mw%3D%3D

Request Chain 76

https://googleads.g.doubleclick.net/pagead/adview?ai=CI4zBUzPRZd2RNaSdur8P4LuvmA_M_PHMddjw-ujdEZXRi7GVDhABINXo1EZgye6Oi8CkjBCgAZqE7p8qyAEJqAMByAPLBKoEiwJP0JiqK3Buya8fWi_PTM_qP27NqowcfP3Cs0_g_dks8rT4QiaiCywSKvjSma58s2J2vuVpwjprhpiU9_wpMuauLKVGSEYgJmZNSmr2NcI-Nn0tzPMtkZxdx2_heknn0e0R0Fk0Q35WWxpjWJGtQTpV0j5OCT0xSW9iVmJR_mmhIIlElTUj0XpnZSM4jzCbcRZpGxX6SSHcZjeKFe-IJNg9qBmirwHy5lF7W63Rl5cuuDxbnpsRyuyOcFfJfYtFWTfT7_1byz2CLVGBIX5k_cC3Gxd4fr3cVBiihWzbuJShgDeEtvT817r0rSjPj8ryuAilw_r7_9MRfmeL8LilMRdPkCSnsZPwpbdjl9bABOGshbS0BIgFqPKW0EygBi6AB5q8vv8EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQmKkF0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WJeOyKu2s4QDmgkwaHR0cHM6Ly9jaW1hc2lsYXcuY29tL2NyaW1pbmFsLWRlZmVuc2Utb3ZlcnZpZXcvgAoByAsB2gwRCgsQ8NqfzbmIgbu9ARICAQPYEwOIFBTQFQGAFwGyFxwKGggAEhRwdWItODg5MTMwMzc5NTY2ODA1NhgA&sigh=Y_g_dWHXuns&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_0gr2JAE5SxwiuSi_qyC93hlBMPUn7Aua1m_uF5i6z6v0H7tuh2QcLVgbY47HzLIsmOfRHNu3mJ3cz7EUowsBVp7TstVgzTwm4A4YAQ&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa8929c16c4cc5bc40000000000000000%22,%222%22:%220x4c0b9251bfbc17f0000000000000000%22,%223%22:%220x55a0180a76b0b70a0000000000000000%22,%224%22:%220x9a79fb20b8fb78000000000000000000%22,%225%22:%220x15db3c67abdf4b0c0000000000000000%22},%22debug_key%22:%2212493692623639264072%22,%22debug_reporting%22:true,%22destination%22:%22https://cimasilaw.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211341103642%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223173083426208295377%22}&andc=true

Request Chain 119

https://sb.scorecardresearch.com/p?c1=3&c2=6035777&c3=31080322&c4=165110407&c5=383957415&c6=&c10=1&c11=6316021&c13=&c16=dfa&cj=1&ax_fwd=1&rn=2684342429 HTTP 302
https://sb.scorecardresearch.com/p2?c1=3&c2=6035777&c3=31080322&c4=165110407&c5=383957415&c6=&c10=1&c11=6316021&c13=&c16=dfa&cj=1&ax_fwd=1&rn=2684342429

Request Chain 120

https://count.schwab.com/1/d/c.gif?aqet=imp&img=true&adv=2530996&ag=UM&ca=31080322&cr=165110407&pl=383957415&r=2684342429&si=6316021 HTTP 302
https://count.schwab.com/b/a.gif?gdpr=T&tt=c.gif&reload=true&z_evid=747A9D9AA3015603B8B8B82DD030A4D84C02928C297C68C2BF06FF9609BE4906&img=true

Request Chain 137

https://googleads.g.doubleclick.net/pagead/adview?ai=CSvC5UzPRZbjdNP-_kPIPu9efmA7gqMTwda-B0cr5ErCQHxABINXo1EZgye6Oi8CkjBCgAd21luMDyAEJqAMByANIqgT7AU_QY9GNsl2rUUbeBKdBqi6-Il5iXBRjFH2kKdm-KY8grvdODN6SIQPYW7Z6esXblklNlmkLOUQgzi-pzD4MB2aszhps6de8HAXIXBwbVb_ek_DeBHILOh7FoOrsu4Ozx0ZQLlRZGQY2Ag6YLpCaOifjxPzWlD08cb2UnRAXeamb3uEsgBpi_qAwWe_hsQysZkELPVdIRo3bLOAqixM9RczsIjpXdKoa0lo1NoqSUGH_X1rJ8IuieUuEfmvU6Tnhm9XOoKLdAUoCxivi4uEseXKmsQyjRO5MrmZtdRCuGBAqp8uhOI1l94FKQ3HH-nHFDJ3LNNjM4jp-a_8FwASFmqfPygSIBc6gsv5NoAYugAeLyukcqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQr7cd0ggkCIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WNa6x6u2s4QDmgkjaHR0cHM6Ly93d3cud2lsa2luc3J2LmNvbS9ydi1zZWFyY2iACgHICwHaDBEKCxCw8p_40IXwiZYBEgIBA9gTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04ODkxMzAzNzk1NjY4MDU2GAA&sigh=s_JbtBXJqrA&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_QLepJ8kdUucu-sRmI1NRgHq2WrArqxQotopyL6XxHAB3ItK1b4KHb_jKwSXz3oPY11n6M-wpXppVjcsFibz8pv188bjm8pqJDdgYAQ&template_id=419&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x61e289f1d1faf0da0000000000000000%22,%222%22:%220x970b1c6209eb0cc70000000000000000%22,%223%22:%220xa02a69142f31310f0000000000000000%22,%224%22:%220xd7918a05a8c618d20000000000000000%22,%225%22:%220xa5785a6c028ea2b30000000000000000%22},%22debug_key%22:%2216830532869609418790%22,%22debug_reporting%22:true,%22destination%22:%22https://wilkinsrv.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221013291741%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218103302424969986097%22}&andc=true

179 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK statistics
lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/ 66 B
366 B 1231ms
319ms Document
text/html 41.221.145.2
AINET

General

Check archive.org

Show headers Download Go to

Full URL: http://lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/statistics
Protocol: HTTP/1.1
Server: 41.221.145.2 , Zimbabwe, ASN36986 (AINET, ZW),
Reverse DNS: afrihost.ai.co.zw
Software: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 / PHP/5.6.32
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Feb 2024 22:29:38 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.32

GET
H/1.1 200
OK /
redirect4.xyz/ 301 B
464 B 312ms
82ms Document
text/html 162.215.118.10

General

Check archive.org

Show headers Download Go to

Full URL: http://redirect4.xyz/
Protocol: HTTP/1.1
Server: 162.215.118.10 , United States, ASN (),
Reverse DNS: 162-215-118-10.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: http://lazarus.co.zw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 203
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Feb 2024 22:29:38 GMT
Keep-Alive: timeout=5, max=75
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding

GET
H/1.1 200
OK Primary Request / Show response
pontiarmada.com/ 25 KB
26 KB 266ms
195ms Document
text/html 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: b2fd72473375a655ac9af0f502efc5727cb8791343d28a797a63821688809227

Request headers

Referer: http://redirect4.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Feb 2024 22:29:39 GMT
Keep-Alive: timeout=5, max=100
Link: <http://pontiarmada.com/wp-json/>; rel="https://api.w.org/"
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK style.min.css
pontiarmada.com/wp-includes/css/dist/block-library/ 25 KB
25 KB 38ms
20ms Stylesheet
text/css 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/css/dist/block-library/style.min.css?ver=5.0.21
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Tue, 04 Jun 2019 04:39:35 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 25658

GET
H/1.1 200
OK foundation.min.css
pontiarmada.com/wp-content/themes/responsiveness/assets/foundation/css/ 74 KB
74 KB 36ms
19ms Stylesheet
text/css 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/foundation/css/foundation.min.css?ver=5.0.21
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: c8257285ff028dbe7e88750e3b5cb973c95f16aa81b6b5d8cc050cdf5f702ec8

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 75710

GET
H/1.1 200
OK custom-fonts.css
pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/ 11 KB
11 KB 36ms
18ms Stylesheet
text/css 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/custom-fonts.css?ver=5.0.21
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: f354ac0964036e2655926b00b97dd3aa88ebf594031d0b094ba09e9c9d4e366c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11386

GET
H/1.1 200
OK font-awesome.css
pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/ 32 KB
33 KB 36ms
19ms Stylesheet
text/css 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/font-awesome.css?ver=5.0.21
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 27bcaf5156b678a1a4d243b255561fb5d3e5191fb08d4e27e01b0e7960f8ea09

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33257

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
pontiarmada.com/wp-includes/js/ 12 KB
12 KB 17ms
17ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/wp-emoji-release.min.js?ver=5.0.21
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Thu, 15 Apr 2021 14:39:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 11943

GET
H/1.1 200
OK style.css
pontiarmada.com/wp-content/themes/responsiveness/ 83 KB
83 KB 32ms
18ms Stylesheet
text/css 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/style.css?ver=5.0.21
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: f04858f6b85b6bc28eb4c790e576ecbf47687cb839e746b5656b2cf2ed3a6a4d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 84552

GET
H/1.1 200
OK dashicons.min.css
pontiarmada.com/wp-includes/css/ 45 KB
46 KB 36ms
20ms Stylesheet
text/css 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/css/dashicons.min.css?ver=5.0.21
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:42:09 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 46360

GET
H/1.1 200
OK jquery.js Show response
pontiarmada.com/wp-includes/js/jquery/ 95 KB
95 KB 37ms
18ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Thu, 05 Sep 2019 02:38:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 96874

GET
H/1.1 200
OK jquery-migrate.min.js Show response
pontiarmada.com/wp-includes/js/jquery/ 10 KB
10 KB 56ms
20ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Fri, 20 May 2016 15:41:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10056

GET
H/1.1 200
OK foundation.min.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/foundation/js/ 103 KB
104 KB 56ms
20ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/foundation/js/foundation.min.js?ver=1
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 27aa16d30fba03663851d0e3ae817ddea9fbb8ff37bb91e60015e7f27e1f6d18

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 105837

GET
H/1.1 200
OK foundation.js Show response
pontiarmada.com/wp-content/themes/responsiveness/ 142 B
396 B 67ms
17ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/foundation.js?ver=1
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 396400a41b96c582794a8ca60ad2a7269537dd8a84e84d979abbc4350dcf4744

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 142

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 134ms
68ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891303795668056

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

099e06383efbcad24950563fc729d3d5220e731d2ba569c3704b9573b9aa27b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Origin: http://pontiarmada.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51382
x-xss-protection: 0
server: cafe
etag: 6078652261095085860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 17 Feb 2024 22:29:39 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
54 KB 98ms
67ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

HTTP/1.1

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a7cfd4459b52bd969e18b34a7f9e57f9d0d3f6c44388ea5a41bba4eb6bb2323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54577
X-XSS-Protection: 0
Server: cafe
ETag: 8456510695114109129
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires: Sat, 17 Feb 2024 22:29:39 GMT

GET
H/1.1 200
OK navigation-custom.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/js/ 2 KB
2 KB 70ms
18ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/js/navigation-custom.js?ver=20120206
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: ae680a317a550a5c897714e2f379dc493a83ae2da421c1ad73a17198e074c0e3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1905

GET
H/1.1 200
OK toggle-search.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/js/ 2 KB
2 KB 73ms
17ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/js/toggle-search.js?ver=20150925
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 406f3c16fae88e2e1f681820091b978d2db783a8ac4736a4e85a47fe29fb908a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2006

GET
H/1.1 200
OK imagesloaded.min.js Show response
pontiarmada.com/wp-includes/js/ 8 KB
8 KB 84ms
17ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: de761c17eac4e98f0e21f49fa3929adcf3ff8c25aa5d78ea67ac88085fbf3f8d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Thu, 15 Apr 2021 14:39:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7855

GET
H/1.1 200
OK masonry.min.js Show response
pontiarmada.com/wp-includes/js/ 28 KB
29 KB 88ms
17ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 3ca3e467b7d4d6b403aa4619019d9250b11449c8ee9c91c90bcbc9acdd64fea2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Wed, 29 Jun 2016 04:18:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 28954

GET
H/1.1 200
OK masonry-settings.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/js/ 201 B
455 B 89ms
18ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/js/masonry-settings.js?ver=20150925
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 399db455d154502a629bc10f29a2f8d218fbaaa413386a12a6fdfeed79a073ab

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 201

GET
H/1.1 200
OK topbutton.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/js/ 583 B
837 B 88ms
17ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/js/topbutton.js?ver=20150926
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 64a971e7cb92f4f5884415b305a42038b0500a8347e855626c3c5cc15de4982e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 583

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/js/ 880 B
1 KB 90ms
17ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 880

GET
H/1.1 200
OK wp-embed.min.js Show response
pontiarmada.com/wp-includes/js/ 1 KB
2 KB 101ms
17ms Script
application/javascript 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/wp-embed.min.js?ver=5.0.21
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: 37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Wed, 17 May 2023 02:38:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1443

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 122ms
59ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107533837-1

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d86d3fe8311972f672b247e3659d14fc9a197d23978023b275ff29b16511e248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70977
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Feb 2024 22:29:39 GMT

GET
H/1.1 200
OK background.png
pontiarmada.com/wp-content/uploads/2018/01/ 118 B
359 B 18ms
17ms Image
image/png 66.84.29.14
WEBINT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pontiarmada.com/wp-content/uploads/2018/01/background.png
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 66.84.29.14 , United States, ASN11989 (WEBINT, US),
Reverse DNS: vmcp124.myhostcenter.com
Software: Apache /
Resource Hash: deb36e1415642450583c55b48127df16c5faf6cdb7b13a85da498aebdc3bf6b2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:39 GMT
Last-Modified: Sun, 14 Jan 2018 12:07:01 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 118

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ 406 KB
138 KB 144ms
79ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9688d9f446a6f3e1b74b5ff9bc2df6b382f7f465c754cdb6f63bbbf0b53a2eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141046
x-xss-protection: 0
server: cafe
etag: 385027538580581964
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:29:39 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame AA9A 9 KB
5 KB 97ms
32ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:09:44 GMT
etag: 3890843268177463596
expires: Sat, 02 Mar 2024 22:09:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
82 KB 48ms
46ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HBKKV0FTSN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107533837-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98ec431db7cffaac335d1a99daf0dcd79b8df1729e7f08949df2c268d181a344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 22:29:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 97ms
32ms Script
text/javascript 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107533837-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 22:09:23 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1216
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 18 Feb 2024 00:09:23 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
170 B 41ms
40ms Ping
text/plain 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HBKKV0FTSN&gtm=45je42e0v9109091153za200&_p=1708208979347&gcd=13l3l3l3l1&npa=0&dma=0&cid=1522731977.1708208980&ul=en-us&sr=1600x1200&pscdl=noapi&_eu=AAAI&_s=1&sid=1708208979&sct=1&seg=0&dl=http%3A%2F%2Fpontiarmada.com%2F&dr=http%3A%2F%2Fredirect4.xyz%2F&dt=SPORT%20NEWS%20%E2%80%93%20pontiarmada.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=779
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBKKV0FTSN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://pontiarmada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 39ms
39ms XHR
text/plain 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=361656601&t=pageview&_s=1&dl=http%3A%2F%2Fpontiarmada.com%2F&dr=http%3A%2F%2Fredirect4.xyz%2F&ul=en-us&de=UTF-8&dt=SPORT%20NEWS%20%E2%80%93%20pontiarmada.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=377372544&gjid=754459230&cid=1522731977.1708208980&tid=UA-107533837-1&_gid=1229688419.1708208980&_r=1&gtm=457e42e0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1670111588

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://pontiarmada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E012 388 KB
84 KB 545ms
545ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3025194257&lmt=1708208979&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=http%3A%2F%2Fpontiarmada.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&dt=1708208979528&bpp=5&bdt=335&idt=245&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8137725721193&frm=20&pv=2&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=264

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bee6e3255f5306c3fa19402509ced2ddaf7e6e05c2b39ca2dc5c9c2874b94107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 86256
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:29:40 GMT
expires: Sat, 17 Feb 2024 22:29:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76B6 134 KB
44 KB 592ms
591ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=2228552213&adk=2194237227&adf=3958522997&pi=t.ma~as.2228552213&w=710&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=710x280&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708208979533&bpp=2&bdt=339&idt=267&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=273

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7a28050d822e5312cb013908461024b7f82e440b0d65aa68dcbdc79c96a8139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45288
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:29:40 GMT
expires: Sat, 17 Feb 2024 22:29:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C14 859 B
631 B 335ms
335ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=2228552213&adk=2516452882&adf=2690042729&pi=t.ma~as.2228552213&w=710&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=710x280&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708208979535&bpp=1&bdt=342&idt=279&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=1128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=284

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9b3746296d37ecd3dbbc7a512326695cbc299195129a99e0c02c64f5b067f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 411
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:29:40 GMT
expires: Sat, 17 Feb 2024 22:29:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6750 859 B
579 B 411ms
411ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=2228552213&adk=2998976164&adf=153553307&pi=t.ma~as.2228552213&w=710&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=710x280&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=292&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=1884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=297

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25040f0dc1415698c9b0e97ecc4a69f3810d1cc03115e968c385b8853b1566ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 411
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:29:40 GMT
expires: Sat, 17 Feb 2024 22:29:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2439 38 KB
13 KB 383ms
382ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=305&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=310

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5975ee4a7fd7e109e97190f0d0938e381dbdc5c7da79cb94f9f467eefb3baa0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13464
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:29:40 GMT
expires: Sat, 17 Feb 2024 22:29:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E33E 859 B
437 B 412ms
411ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=5884375634&adk=803844250&adf=3733193884&pi=t.ma~as.5884375634&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979538&bpp=1&bdt=345&idt=317&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280%2C310x250&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=321

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d73f5e98f9eb64253d822be922621d2e92247aa8053c8029b98ea3c7fab0af70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:29:40 GMT
expires: Sat, 17 Feb 2024 22:29:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B2B4 624 B
246 B 65ms
63ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIYBEM3zNhjk-rCBAjAB&v=APEucNWzD29XF5y-6hZMNNVPNDASfNcHpQ-245bKX2hr5lx-pxKMJMfITW-8EtY88pQbBGnjMGKrlEMKuqyKa0qwz1pYHzSV3Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=305&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=310

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=305&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=310
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:29:40 GMT
expires: Sat, 17 Feb 2024 22:29:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B62D 93 KB
33 KB 73ms
70ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:29:40 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame B62D 2 KB
1 KB 127ms
31ms Script
application/javascript 2600:1408:5400:23::b819:7f4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=875628&cmp=31080322&plc=383957415&sid=6316021&aufilter1=134&prr=1&ppid=103&autt=1&auevent=ABAjH0iwaX-H1qZoqebgmmCrosYi&c1=134&auorder=1015263141&aucmp=20880324188&aucrtv=539770212&auxch=1&pltfrm=1&ausite=406937596949&turl=http://pontiarmada.com/&aubndl=&audeal=&dvregion=0&unit=300x250
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=305&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=310
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:5400:23::b819:7f4b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:40 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Dec 2023 15:12:34 GMT
Server: UploadServer
ETag: "a8006a511aee2e57196f5e8bee81dde8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sun, 18 Feb 2024 22:29:40 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame B62D 9 KB
4 KB 113ms
31ms Script
application/javascript 2600:1408:5400:23::b819:7f4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=305&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=310
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:5400:23::b819:7f4b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0137c21026bfb70d6c38ea2c4bfe12b1ce6d9e9765f061a87afa10e89100e41d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2024 12:17:38 GMT
Server: UploadServer
ETag: "98a9100cf96e4be6a7f344bd733fdb63"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3637
Expires: Sat, 17 Feb 2024 22:44:40 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame B62D 3 KB
1 KB 107ms
35ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 20:35:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame B62D 20 KB
8 KB 103ms
31ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:23:02 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B62D 204 KB
61 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:35:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:35:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B62D 42 B
63 B 89ms
88ms Image
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ca4VOe-gIKopwWmnwO8kDsI4HonTa1DOmLd7En74ZdyGzPlMtw-aadm6uOIG7dLvM5WTdXskblxzWD5duESlC1IslxAFhcbEp4KqTl1U49rqLL2wI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B2B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOr8kJRSXwJImEXiYxbkEPY&google_cver=1

43 B
338 B

75ms
75ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOr8kJRSXwJImEXiYxbkEPY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIYBEM3zNhjk-rCBAjAB&v=APEucNWzD29XF5y-6hZMNNVPNDASfNcHpQ-245bKX2hr5lx-pxKMJMfITW-8EtY88pQbBGnjMGKrlEMKuqyKa0qwz1pYHzSV3Q
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FIm0QJVYQNKkLY7c6eaoFZ5AdZfeCkYECG%2Fx9wb81QC8mZn0GZQTp15SvCL7VMwZbr%2FuhSIrqSbLYKKuLLWZ99igqAVbSzTpK38a54icJsqLl01fXhPL5VxCQ8WKmK8yEJctiO5YWpPDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8571786fcf0f36c2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOr8kJRSXwJImEXiYxbkEPY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B2B4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEzVEt3ubsAAGHHAA8FcAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOr8kJRSXwJImEXiYxbkEPY&google_cver=1

43 B
767 B

51ms
51ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOr8kJRSXwJImEXiYxbkEPY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIYBEM3zNhjk-rCBAjAB&v=APEucNWzD29XF5y-6hZMNNVPNDASfNcHpQ-245bKX2hr5lx-pxKMJMfITW-8EtY88pQbBGnjMGKrlEMKuqyKa0qwz1pYHzSV3Q
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enBCnJWhyuidjjgJgMZUazZ9eSh16gKlYydkLz9SragExikgsk4UVRRYWc2%2BlisIPsuvfCqLDXfUDnziuqYGFaTu9j%2B8z2zjK9U3V8JhKutmGTiti2cIy09T2TjnLpa4dGEvBMT2Ax4WRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 857178709b4d36db-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOr8kJRSXwJImEXiYxbkEPY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B2B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF2pOycHdNghUlUa2G3CI2g&google_cver=1

43 B
1 KB

35ms
35ms

Image
image/gif

68.67.160.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF2pOycHdNghUlUa2G3CI2g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIYBEM3zNhjk-rCBAjAB&v=APEucNWzD29XF5y-6hZMNNVPNDASfNcHpQ-245bKX2hr5lx-pxKMJMfITW-8EtY88pQbBGnjMGKrlEMKuqyKa0qwz1pYHzSV3Q

Protocol

Server

68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
an-x-request-uuid: 59718a40-1bdf-432a-82f6-99cb8ee86100
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF2pOycHdNghUlUa2G3CI2g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B2B4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwNDk5MTA4OTU3ODYzMjQ1Mw%3D%3D

170 B
243 B

47ms
46ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwNDk5MTA4OTU3ODYzMjQ1Mw%3D%3D

Requested by

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
an-x-request-uuid: e60f21e9-db01-4252-a8d2-c471e6a12cf5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwNDk5MTA4OTU3ODYzMjQ1Mw%3D%3D
x-proxy-origin: 96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B62D 0
20 B 88ms
88ms Ping
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=361472523860&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B62D 0
20 B 98ms
98ms Ping
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=361472523860&version=m202401290101&ct=76&x=1&cor=15738414850204460000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B62D 16 KB
12 KB 91ms
91ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BETJsc1IekS1hktzaV82zGFs24K5HcycbSGhzccKltM2mjaBfpOZANLmoWHtIuwQvjQNqb9yjnhWwmQKDvJtqiKKCvYOJrYncvZcRf7tcasEti8niUD6rimmr32wfEEe5eBl9yhjiM68IKs4X8DeqekIG9l8-qPoZ4nkQ5P7AserVQ0Og&cry=1&dbm_d=AKAmf-BNL5ISxD9jwjF_XIm3WRBCbO0chdgpBPxbpbRReulP0tFCNomJHxFFigXcjCIxN3DUMMdwcPTuY3BCbb4WHRMNQqU6F2zTOz3LvoxVYQttUX3NA5a1YrgRWeS3-ro42q7Thd3TCpHYja45SMxmaH7iVKCJpa1nfk66ak6dg4ajJYHow6IQFd3QoNLGSTDhP_rHTfOlPbkS1dzs7DSz8JNCdWNBEvPMJqq28-yaAdMTOX-yNwr27kA5C_4S-CDznSWZf75dNPkaTbHPDqU6wQc5CFPT8tNFYXzKLyUoyvy7FuSTkIcTqOn-WNO7cUuAwUCxEBObF05HtWf8ZvJkkwTkUbaLoo1lSkzX9wsYslMf3b3hKxIn3dJrLVpGEUE-BV8_S1_ovRj2NS4Q-9aTUjhWDFh07gbwv975uGHpmu3JyNjyY8NQmyCYFGqCllqepEMDExrvPAdxNfrCaBpXJ5NmZy0Sm9eP3uBxaSlTCC046R_LcBmEDBNQpS6tJwTE8xtnKsBZzAgPYgjZqwerlhfTPShabKf_VH94DLyRNDiQ8CdfHAaVVLH6cvOmIMMSdLSVWRtgRy99E9RytwlpYMP-p2rHOOzB0BgWqqklBz84p-wGQm_w6QB3S8E5ymd3q71jxFV8qJjtVx_EavmTlYqaPUzsbHQ322-VRtcnDbFQtIpKk8JFcLW8e8I3O2CH38uW7zP3K__ObLaazCc393KwTKTluLhfuDzJ2XYfRlx2WX9SdXzffvke1uBJz3PU2x8SLieKQhDlFWxFQpvdM84y-Gt6mb8hLPJrbDnmgbKoRNwDDEijQMV6tPukL1GFGIdjVNTfgwv3iW-pxb2leULay62LsPOSKzgRqhZ0nrUPiwonNBWWbDZgc-YDmO0Ga8Gv-pFc53G60COJQgwd4iLyB6imrBMA3AL1Lk4HK-g66Y6m9VIH3x1qDHE5B65qJo5Bu60Ju7K8RNoQmYIW7Qop3I6xoNyaM3uouiLhmal3NRNJctbP489JS1IqCshDVRp3riomLw4uywDjRY-6yTGhEOO5FoCB7lngnT2xls6h4_uJpFv8K9hrCUFOVvcU_xjs0L3iPO2xMUNPS17KNgg6akkSfc4nyRmcMSGu_6MZ0a2F5_ehEp4wQZy0BVyoe00J1M6y4b9CMitmMVwm1mi9icAvdUHD__a5_WtXbndMdB3ZnIkAvx1zq52CR4TGx9Lwaorg1GgrXdSBF2aePnlT5pJZ60DZVjMUd53hoPfpsFUSTEDvdeVO9OMvpHxPjzkj5sfN5fIyMZvgu1KRDOyuo8PZl8UOXvJgNrl-d2KIg-AQkKTBuDay78e3OAJNPH0fr-4LwkFVXtgMj8VoYF8tOgtO_h7S992ywIP_ntVIyVoDdYa9l0Dt1dtuOf_4LPLYVx5_v2Hwz7emQ0pN3pj1CpEz8X2D0uTvWuf8Umwrh6VhDn0_UHVqJLJ9LioD1Ci2l8aQXvxl8nOrV03wTpJBpugHhIW7V9kVIBKMHlxLoX2P1kem_PmMwH18v-5nmvEtUo94TFReu6B4fR1_KXKFWunnXhE0jwgyKn5eX9l7XlbH3CPX2TQVDZrmqXOhvWPBNKWzyqfx42oUTJ8tVath56cuiXt9F9KzBQuZlTLDBmC3NXDtBOhsupnu0Gc1F7DPPrmqXtyfkWXf4yol54n12UjNwrKGnxDOX4yxC-XYboZtwe2FXEws_4R598cr2d4WKLr1uioHuTl-xXeSEYwULll1OlrtU6bJAslHeNDkRhcC4WU1NQLz0gvzruXjZ4GWe_W-H50qvB0RvmZZ-I09gKuHREsjWDofz4VmodpUZ7UVBLYbYlUtR_zWPMuxf83nOckNRTZ_tsILjcjn_p_GVpbGG5bx20I1pzHrPS4Ii6qNgbg9igRtVqiqlAB1JeuNGZLbjcvT6t_rGX3jx2CcLw7NZrx5lialTPhVWr_ZhZ3GzMB9Hi-Uv9Pe8dBUJamDIg7DQTHCTCScM1yeqyrkArUFTQ0ssXpl7DogQVUKp5-OBidT-jCHltSJmUDL5LzRsiHnZ-gXXK4Ma7R7fu-lvhiwlfgoa-x9nr7ssNvIbQGDJowhPQ1NXi-mroUYeL0-K5LhzaNM5T_GJHIaB9TFD-2lnl7-7ii4XzILA_QqoH-c0wFk1rkB8iwkoBIF4Z_ykbKxAVwNa2ueTyHxIZy8AruZVw5UnX_CqKdc8SWnrMcB_Ncj34osTf6MLqCNDrTrzZ-V9Xzlykw9FyRTQyldslr-mGLr7Mu628RkdMK-_s3bInmiU8OZhEsMxGQepMFZRgRaXh9_pPcY06rc3RtIWppZe8mTdFlEh_kvinVZ36OC0JYM8ThxTKJYv0CAdRMI5mY9wQrlJX2Qf9eBLnwt1R9ZSfHQ_3mQ90r49uPe9FM7f8YMO4C_NWLf-SSidxho-mPTMpsL0dhn92MD0-BQz3LAEUvifIwFbnGe9QSKawVcwKprzIb6C3HvYrPwkWinAEZtDRovcwBI_deJJ1vXlP1oaf2UKDmDasLAJxqR59i9JTq--Exi-08P0E9J6YDR_hfi7G7unbEqISmAAcHb-qabmBDYeoxvp-uQ4Tt1ux_hFJB6egtLlf9jL93jAGvt4HGuDtdqLZBAoYpONz2wUJZSnvJnimOmCArQHtEXdgceS0HqW6fLvB97kXFX_ARGPpCpm4NINMF0vl-s3TVUG21unI2e-AgD1Uq3NcTieoW1iAFpfWUktU-ASckZLbXzPxTC_NIgN_QS6opgHEVA5BNSGciaojg3QYgMSXK3IxG-RzwCLSMhDUWBhBVtGKfsSNHNIjA-ZTzgnIhu9NMu8T3lzXJe_6jMuq17nKJGPSPx2Yzwg-JD8qYXtz_-ZMXxWj3XGRkfIdvMKJDAY81Wa1IifrOtRLbXcsNaKEClECXvzDKReHCLaUuzDISO6_vX6QGnoT-IbnS606pvtEOTpHhhmr3Jz1fC7nfbPJns1wCYTuKxSUIHAIPVdd1HxpmlcafD8jEl-jhIZDxp6UoNFhI_uoQmSUJzGAvc-uu9XANIN0ay4OKdneoOf45xUgcjOM2UItORLfMvjYYvBs-P_eKfQd19l2a3KdmvKmlPFkvpF6nSx-qmPdvhb7CnK7SmTgKt3Jr0gm8g826TjEY7Nw3pEGcfVrKSdgFSjJgM0XJDHjU&cid=CAQSTgAvHhf_61ZzMahsqTwtogS5mAhaUTn3bO3Kt_Hvf94LLidOBX8an3hWj04RKTjqO7_S6UQVi2op424i2u_9qZvmrXTtbreWK58zNP7gzRgB&dv3_ver=m202401290101&rfl=http%3A%2F%2Fpontiarmada.com%2F&ds=l&xdt=1&iif=1&cor=15738414850204460000&adk=1726166463&idt=90&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e3284cda32f135362b3d12233517d26f8fc98a0ecd1b70750033516a9098add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=305&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=310
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12603
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ 165 KB
56 KB 70ms
70ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/reactive_library_fy2021.js?bust=31081168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

816b3c9801b0d5eb142d952eb6c2285bfc8e32f28385fc28695240c93586a59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: cafe
etag: 15545109744707944351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:29:40 GMT

GET
H2 200 ca-pub-8891303795668056 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 137ms
70ms Script
application/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8891303795668056?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5041fcff2a585dd4bce6452563f58cef537ce6ba245dd20d77eac9eaf6d0e2db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O-mpdJB9i5spJfQIsDpG6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-O-mpdJB9i5spJfQIsDpG6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsOoxSXF4KEhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejivPjqxjE9jx9-EPRgAUa0qM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ 90 KB
31 KB 75ms
75ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/slotcar_library_fy2021.js?bust=31081168

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da987579de9da8415a181018975e5dd61496f7f6f1a7e93a55e85ea6c5e7ddd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32107
x-xss-protection: 0
server: cafe
etag: 7641079482721691408
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:29:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 76B6 14 KB
2 KB 105ms
40ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=280&slotname=2228552213&adk=2194237227&adf=3958522997&pi=t.ma~as.2228552213&w=710&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=710x280&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1708208979533&bpp=2&bdt=339&idt=267&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=273

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:29:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:08:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:29:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 76B6 2 KB
903 B 38ms
37ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 07:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 07:56:44 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 76B6 23 KB
9 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:39:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 76B6 3 KB
1 KB 37ms
36ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 20:35:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 76B6 20 KB
8 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:23:02 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 76B6 204 KB
61 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:35:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:35:29 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 76B6 36 KB
15 KB 95ms
32ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 May 2024 11:33:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
88ms Image
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-8891303795668056&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20240214_094054&sat=1708071625747&afm=2%2C0&as_count=3&d_count=0&ng_count=0&am_count=0&atf_count=3&mdns=0.329&alldns=0.329&allp=18&pgh=2463&abl=false&rr=n&su=pontiarmada.com&pvc=3004240130396446&r=0.1&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/261473715759654733/ Frame 76B6 16 KB
17 KB 32ms
32ms Image
image/jpeg 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/261473715759654733/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a5f48166695a310280b55869487f2f3208ee30661879bcf0ec7c13d022c5e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 22:00:21 GMT
date: Sat, 17 Feb 2024 22:00:21 GMT
x-content-type-options: nosniff
age: 1759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16659
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:59:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 76B6 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 76B6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f563de98820a07815cb5e9167a44b6cf6c09ad36cf6fc428a22a178dc9af671

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 76B6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d87b96745b0de748f3da3da6ac679a71b50705f3f9dc67fe5f86d613f1e9ef1c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B62D 41 KB
14 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BETJsc1IekS1hktzaV82zGFs24K5HcycbSGhzccKltM2mjaBfpOZANLmoWHtIuwQvjQNqb9yjnhWwmQKDvJtqiKKCvYOJrYncvZcRf7tcasEti8niUD6rimmr32wfEEe5eBl9yhjiM68IKs4X8DeqekIG9l8-qPoZ4nkQ5P7AserVQ0Og&cry=1&dbm_d=AKAmf-BNL5ISxD9jwjF_XIm3WRBCbO0chdgpBPxbpbRReulP0tFCNomJHxFFigXcjCIxN3DUMMdwcPTuY3BCbb4WHRMNQqU6F2zTOz3LvoxVYQttUX3NA5a1YrgRWeS3-ro42q7Thd3TCpHYja45SMxmaH7iVKCJpa1nfk66ak6dg4ajJYHow6IQFd3QoNLGSTDhP_rHTfOlPbkS1dzs7DSz8JNCdWNBEvPMJqq28-yaAdMTOX-yNwr27kA5C_4S-CDznSWZf75dNPkaTbHPDqU6wQc5CFPT8tNFYXzKLyUoyvy7FuSTkIcTqOn-WNO7cUuAwUCxEBObF05HtWf8ZvJkkwTkUbaLoo1lSkzX9wsYslMf3b3hKxIn3dJrLVpGEUE-BV8_S1_ovRj2NS4Q-9aTUjhWDFh07gbwv975uGHpmu3JyNjyY8NQmyCYFGqCllqepEMDExrvPAdxNfrCaBpXJ5NmZy0Sm9eP3uBxaSlTCC046R_LcBmEDBNQpS6tJwTE8xtnKsBZzAgPYgjZqwerlhfTPShabKf_VH94DLyRNDiQ8CdfHAaVVLH6cvOmIMMSdLSVWRtgRy99E9RytwlpYMP-p2rHOOzB0BgWqqklBz84p-wGQm_w6QB3S8E5ymd3q71jxFV8qJjtVx_EavmTlYqaPUzsbHQ322-VRtcnDbFQtIpKk8JFcLW8e8I3O2CH38uW7zP3K__ObLaazCc393KwTKTluLhfuDzJ2XYfRlx2WX9SdXzffvke1uBJz3PU2x8SLieKQhDlFWxFQpvdM84y-Gt6mb8hLPJrbDnmgbKoRNwDDEijQMV6tPukL1GFGIdjVNTfgwv3iW-pxb2leULay62LsPOSKzgRqhZ0nrUPiwonNBWWbDZgc-YDmO0Ga8Gv-pFc53G60COJQgwd4iLyB6imrBMA3AL1Lk4HK-g66Y6m9VIH3x1qDHE5B65qJo5Bu60Ju7K8RNoQmYIW7Qop3I6xoNyaM3uouiLhmal3NRNJctbP489JS1IqCshDVRp3riomLw4uywDjRY-6yTGhEOO5FoCB7lngnT2xls6h4_uJpFv8K9hrCUFOVvcU_xjs0L3iPO2xMUNPS17KNgg6akkSfc4nyRmcMSGu_6MZ0a2F5_ehEp4wQZy0BVyoe00J1M6y4b9CMitmMVwm1mi9icAvdUHD__a5_WtXbndMdB3ZnIkAvx1zq52CR4TGx9Lwaorg1GgrXdSBF2aePnlT5pJZ60DZVjMUd53hoPfpsFUSTEDvdeVO9OMvpHxPjzkj5sfN5fIyMZvgu1KRDOyuo8PZl8UOXvJgNrl-d2KIg-AQkKTBuDay78e3OAJNPH0fr-4LwkFVXtgMj8VoYF8tOgtO_h7S992ywIP_ntVIyVoDdYa9l0Dt1dtuOf_4LPLYVx5_v2Hwz7emQ0pN3pj1CpEz8X2D0uTvWuf8Umwrh6VhDn0_UHVqJLJ9LioD1Ci2l8aQXvxl8nOrV03wTpJBpugHhIW7V9kVIBKMHlxLoX2P1kem_PmMwH18v-5nmvEtUo94TFReu6B4fR1_KXKFWunnXhE0jwgyKn5eX9l7XlbH3CPX2TQVDZrmqXOhvWPBNKWzyqfx42oUTJ8tVath56cuiXt9F9KzBQuZlTLDBmC3NXDtBOhsupnu0Gc1F7DPPrmqXtyfkWXf4yol54n12UjNwrKGnxDOX4yxC-XYboZtwe2FXEws_4R598cr2d4WKLr1uioHuTl-xXeSEYwULll1OlrtU6bJAslHeNDkRhcC4WU1NQLz0gvzruXjZ4GWe_W-H50qvB0RvmZZ-I09gKuHREsjWDofz4VmodpUZ7UVBLYbYlUtR_zWPMuxf83nOckNRTZ_tsILjcjn_p_GVpbGG5bx20I1pzHrPS4Ii6qNgbg9igRtVqiqlAB1JeuNGZLbjcvT6t_rGX3jx2CcLw7NZrx5lialTPhVWr_ZhZ3GzMB9Hi-Uv9Pe8dBUJamDIg7DQTHCTCScM1yeqyrkArUFTQ0ssXpl7DogQVUKp5-OBidT-jCHltSJmUDL5LzRsiHnZ-gXXK4Ma7R7fu-lvhiwlfgoa-x9nr7ssNvIbQGDJowhPQ1NXi-mroUYeL0-K5LhzaNM5T_GJHIaB9TFD-2lnl7-7ii4XzILA_QqoH-c0wFk1rkB8iwkoBIF4Z_ykbKxAVwNa2ueTyHxIZy8AruZVw5UnX_CqKdc8SWnrMcB_Ncj34osTf6MLqCNDrTrzZ-V9Xzlykw9FyRTQyldslr-mGLr7Mu628RkdMK-_s3bInmiU8OZhEsMxGQepMFZRgRaXh9_pPcY06rc3RtIWppZe8mTdFlEh_kvinVZ36OC0JYM8ThxTKJYv0CAdRMI5mY9wQrlJX2Qf9eBLnwt1R9ZSfHQ_3mQ90r49uPe9FM7f8YMO4C_NWLf-SSidxho-mPTMpsL0dhn92MD0-BQz3LAEUvifIwFbnGe9QSKawVcwKprzIb6C3HvYrPwkWinAEZtDRovcwBI_deJJ1vXlP1oaf2UKDmDasLAJxqR59i9JTq--Exi-08P0E9J6YDR_hfi7G7unbEqISmAAcHb-qabmBDYeoxvp-uQ4Tt1ux_hFJB6egtLlf9jL93jAGvt4HGuDtdqLZBAoYpONz2wUJZSnvJnimOmCArQHtEXdgceS0HqW6fLvB97kXFX_ARGPpCpm4NINMF0vl-s3TVUG21unI2e-AgD1Uq3NcTieoW1iAFpfWUktU-ASckZLbXzPxTC_NIgN_QS6opgHEVA5BNSGciaojg3QYgMSXK3IxG-RzwCLSMhDUWBhBVtGKfsSNHNIjA-ZTzgnIhu9NMu8T3lzXJe_6jMuq17nKJGPSPx2Yzwg-JD8qYXtz_-ZMXxWj3XGRkfIdvMKJDAY81Wa1IifrOtRLbXcsNaKEClECXvzDKReHCLaUuzDISO6_vX6QGnoT-IbnS606pvtEOTpHhhmr3Jz1fC7nfbPJns1wCYTuKxSUIHAIPVdd1HxpmlcafD8jEl-jhIZDxp6UoNFhI_uoQmSUJzGAvc-uu9XANIN0ay4OKdneoOf45xUgcjOM2UItORLfMvjYYvBs-P_eKfQd19l2a3KdmvKmlPFkvpF6nSx-qmPdvhb7CnK7SmTgKt3Jr0gm8g826TjEY7Nw3pEGcfVrKSdgFSjJgM0XJDHjU&cid=CAQSTgAvHhf_61ZzMahsqTwtogS5mAhaUTn3bO3Kt_Hvf94LLidOBX8an3hWj04RKTjqO7_S6UQVi2op424i2u_9qZvmrXTtbreWK58zNP7gzRgB&dv3_ver=m202401290101&rfl=http%3A%2F%2Fpontiarmada.com%2F&ds=l&xdt=1&iif=1&cor=15738414850204460000&adk=1726166463&idt=90&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 11:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 11:55:51 GMT

GET
H/1.1 200
OK dvbs_src_internal125.js Show response
cdn.doubleverify.com/ Frame B62D 60 KB
20 KB 33ms
33ms Script
application/javascript 2600:1408:5400:23::b819:7f4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=875628&cmp=31080322&plc=383957415&sid=6316021&aufilter1=134&prr=1&ppid=103&autt=1&auevent=ABAjH0iwaX-H1qZoqebgmmCrosYi&c1=134&auorder=1015263141&aucmp=20880324188&aucrtv=539770212&auxch=1&pltfrm=1&ausite=406937596949&turl=http://pontiarmada.com/&aubndl=&audeal=&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:5400:23::b819:7f4b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:40 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Dec 2023 15:12:36 GMT
Server: UploadServer
ETag: "8188d451e0a669939fa9ed400c00d127"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19695
Expires: Sun, 16 Feb 2025 22:29:40 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 76B6 33 KB
34 KB 97ms
32ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:19:59 GMT
x-content-type-options: nosniff
age: 169781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:19:59 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame B62D 443 B
577 B 146ms
54ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_750808072969&jsTagObjCallback=__tagObject_callback_750808072969&num=6&ctx=875628&cmp=31080322&plc=383957415&sid=6316021&advid=&adsrv=&unit=300x250&isdvvid=&uid=750808072969&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=121&bridua=3&dup=null&ppid=103&auevent=ABAjH0iwaX-H1qZoqebgmmCrosYi&aucmp=20880324188&aucrtv=539770212&auorder=1015263141&ausite=406937596949&auxch=1&pltfrm=1&aufilter1=134&autt=1&c1=134&turl=http://pontiarmada.com/&chro=1&hist=2&winh=250&winw=310&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=172&eparams=DC4FC%3Dl9EEATbpTauTauA%40%3FE%3A2C%3E252%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTauA%40%3FE%3A2C%3E252%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=6.10&aubndl=&audeal=&callbackName=__verify_callback_750808072969
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 796404fb174b62713f8d6c6718ff93eb38f8456703e3bb97032fdcc0ae4549f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 22:29:40 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 02/16/2024 22:29:40

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 416D 38 KB
13 KB 33ms
32ms Document
text/html 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 231991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 06:03:09 GMT
expires: Fri, 14 Feb 2025 06:03:09 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 1DD8 9 KB
4 KB 32ms
32ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 83590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:16:30 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 23:16:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame B6F2 9 KB
4 KB 32ms
31ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 83590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:16:30 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 23:16:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXgK69kD_C3JP5xhi8SGXC0s-ZG_hiqAaR5Ctthdd5aGfpuIWcLzj2o4H5qW65JaP783XwEwY75o9_sg84FnPdkjnjGqZfQ5-UhyfDH4CdZkHXHM-IrrIKWt6U8wdH3NQzFoKUn-Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 63ms
62ms Script
application/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXgK69kD_C3JP5xhi8SGXC0s-ZG_hiqAaR5Ctthdd5aGfpuIWcLzj2o4H5qW65JaP783XwEwY75o9_sg84FnPdkjnjGqZfQ5-UhyfDH4CdZkHXHM-IrrIKWt6U8wdH3NQzFoKUn-Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjA4OTgwLDY2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cDovL3BvbnRpYXJtYWRhLmNvbS8iLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa2f4dcb6e9be1273996caee407469425d2b7aac3e896224116862ebff74f53e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9_rt65uxj3F_fIi-vzW1lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9_rt65uxj3F_fIi-vzW1lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6OK8-OrGMTuND27xwTAOPFRRQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 89ms
88ms Fetch
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 76B6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CI4zBUzPRZd2RNaSdur8P4LuvmA_M_PHMddjw-ujdEZXRi7GVDhABINXo1EZgye6Oi8CkjBCgAZqE7p8qyAEJqAMByAPLBKoEiwJP0JiqK3Buya8fWi_PTM_qP27NqowcfP3Cs0_g_dks8rT...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa8929c16c4cc5bc40000000000000000%22,%222%22:%220x4c0b9251bfbc17f0000000000000000%22,%223%22:%220x55a0180...

0
0

159ms
88ms

Fetch
text/css

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa8929c16c4cc5bc40000000000000000%22,%222%22:%220x4c0b9251bfbc17f0000000000000000%22,%223%22:%220x55a0180a76b0b70a0000000000000000%22,%224%22:%220x9a79fb20b8fb78000000000000000000%22,%225%22:%220x15db3c67abdf4b0c0000000000000000%22},%22debug_key%22:%2212493692623639264072%22,%22debug_reporting%22:true,%22destination%22:%22https://cimasilaw.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211341103642%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223173083426208295377%22}&andc=true

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa8929c16c4cc5bc40000000000000000","2":"0x4c0b9251bfbc17f0000000000000000","3":"0x55a0180a76b0b70a0000000000000000","4":"0x9a79fb20b8fb78000000000000000000","5":"0x15db3c67abdf4b0c0000000000000000"},"debug_key":"12493692623639264072","debug_reporting":true,"destination":"https://cimasilaw.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11341103642"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"3173083426208295377"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:29:41 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 22:29:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa8929c16c4cc5bc40000000000000000","2":"0x4c0b9251bfbc17f0000000000000000","3":"0x55a0180a76b0b70a0000000000000000","4":"0x9a79fb20b8fb78000000000000000000","5":"0x15db3c67abdf4b0c0000000000000000"},"debug_key":"12493692623639264072","debug_reporting":true,"destination":"https://cimasilaw.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11341103642"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"3173083426208295377"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1DD8 5 KB
767 B 42ms
41ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:29:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 20:33:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:29:40 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1DD8 205 B
518 B 33ms
32ms Image
image/png 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:27:18 GMT
x-content-type-options: nosniff
age: 3742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Feb 2025 21:27:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1DD8 604 B
694 B 33ms
32ms Image
image/png 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:06:17 GMT
x-content-type-options: nosniff
age: 1403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Feb 2025 22:06:17 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 1DD8 15 KB
6 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 02:51:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 02:51:27 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 1DD8 22 KB
9 KB 34ms
34ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:05 GMT

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame F9A9 51 KB
19 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 17:16:26 GMT

GET
H2 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame B6F2 8 KB
4 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 May 2024 16:32:09 GMT

GET
H2 200 ab77659d8aeee68d4ac089b35b98f5ab.js Show response
www.gstatic.com/mysidia/ Frame B6F2 41 KB
16 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ab77659d8aeee68d4ac089b35b98f5ab.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

272ed21c82e5d27117668349a64eb3e9b84dafa41a10a5f1350fd83097795442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16346
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 May 2024 14:22:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame B6F2 2 KB
822 B 35ms
33ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 07:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 07:56:44 GMT

GET
H2 200 72acafc7381a374e875f2810be119754.js Show response
www.gstatic.com/mysidia/ Frame B6F2 22 KB
9 KB 52ms
49ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/72acafc7381a374e875f2810be119754.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72cc43cd292571dac7823e1a28a82927b237c9637f7b81fcd4b1f248092fdc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 May 2024 11:33:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame B6F2 23 KB
9 KB 47ms
45ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:39:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame B6F2 3 KB
1 KB 41ms
39ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 20:35:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame B6F2 20 KB
8 KB 36ms
34ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:23:02 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B6F2 204 KB
61 KB 33ms
31ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:35:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:35:29 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame B6F2 36 KB
15 KB 41ms
39ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 May 2024 11:33:42 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 416D 39 KB
15 KB 42ms
42ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 12:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 123220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 12:16:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame B62D 75 KB
26 KB 69ms
65ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWC-CiAIXpIlB1Bwta_0Hid-9WqBekXsSFhcJ1R_czAybasMIM&d=CpkBAKAmf-Cm8kF72AqysQXIZ_IbyMLZVl97OzSqLd2uGBWlR_naWJGbdnc_G_wTQafI8qDz5CUgynSpbZTELVgq9XZvyAf5j3Ev7y6hzM779-7qrcY1HdoMRHGEuYDiFJg77V7qYKqIsHobPw1lvkbBef-g-WvPT12xhXTIWl7RsSQWv5Q8ybuWpCtvE86z5-4EjFPQLoUaeMR_EvkVAKAmf-C0A_mi5P9pT19PqDtBGeonu73DymAIYfXRsLa24uG7RuVuUl6EIxEB8Sgijnp_ObJTJ9ZJa5fDubZppJb-kJP5DptDCBxglYQZ9t5I9uBIuLldLgq6L7fo1cbCnRn9c1wNSZWr9KtdodXtg65s99JRXh5fttnSOdyfRHzR5fR3IQJHIyokHVSpruo0OLSx9ghDAANSHCLAcbfz8BJQUzVIF9rIf9U45LiiNVloJJf8OottF3nEs8z8GaGnaBPjo1t_9u2LCgGY6mgzUj4wkoD4CgXWD0AmHLSiUgVBqALoDlpLHrgbM9r94TNncyLLBK5XU9L8jHWDCoTTIdiaUEcQaSx6P63YyeUZ-Z8esZfJVLXRsgYT3wwuvVNz9FJNgnMke2Ti_WqRPAtPjr1Z7lMwXmZ1UIuB0POrK-BjWiZXHqLMPcBo3aeUw_GDKxsuuYOkK8KDTwvPIaIumGdh4lNImWG_RhYpUFneIVRCT4iuoi-WHG6DcvKoHgu3vfmSR6maQ71fmHp_f-sxF_iSxgcChmSOlUlY55yMbPgnPGzqiW-E3DD9r1FfzkIkT6h_sp7Hx7rMzjN9QUTUMBzCCmfgyt5zXGfmsHf6zP9YsgR4yHxPxOzGDJTvkitXg84dsmEe-wvcX7Hqp3N-RtHF05d5Lfb1T80-6skohZwHpopew1_-CGsGl5HyTq2KxcJd-TG9E4ZRk6__En3C5r36aMdy-biUViI1ofyvs1DoSyS-UHmea02b-6YbmURMuHwGEZ12m3q8QHQNF4_BB25xEXHqylVnE_fRKQuart1OUR2a9IP8xr0SSYSXt69_adNcJMjnf9s_viVjSgFXJmseH5Fd16LfRQfmvyzD2wbIgWi6rBJaurRtcJ0LcckqFBVUOCxpYPGH2qEpLkMeqyQOHjmU3tlXyPpcB8z3FS1JlNn6xZf2XRvrF0v-2n7QRFBNjAhJoWAG3C8o-PyCV-8QAtNmejYvmgaNxJzDJAeWoRgFViiklQjuqtwajq0qfILdH9XWTT5XvG4f_ORqgOwyLMYnjXHz-KGB0b_r3tq6wFw6KunGzyHZSIHQvVmu1BHrzbfxP3uZnBemBz1EBqXXDFgaGWDYe7f59ct7MhnEOJKJW3mv-H52CmulNTI5epBP6uVO3Y9MWCdyvHG4KH0_v-1QRDu2i0pwpivXc0frPBZjnFrIXCS7g-EPa8JddjNPYGV6dXFLP_GisNxd7iIcrKRe3x8sn6ACXrd7hb0gUhOuf130bLTkFbhDAUyTs1GThDjFawZ4YhL4sbmG2SWox31BgfOlS44QL-eFwv7Qr74WvXNgnByH54gYeDztmY4aP5kfXt5_2dbsWie1QgqSw1g0nuN8_pcszIrnJ49JB-62dEnxTbDSAhohhjUECi_Gctjso0FFQZz3nf_XHzNVLsT7GB-yGasu0l7WySZYly1Ea0icpI0zxrhCqxxDGYkNd-la25DBLlQXyhf8i00zIUicg4347SjgHrc7gx4M_DnvI7rjWkZwF2qy6tMfOA-t-fcWqSwpgZR-7Pv-DaRXMRdHpgfuLl0JZ8BgINL_Xd2U2EnKIXcXltp-ytsGlUEx1Yv7wc_IMSaF3R6EB7iSnDYmw8-MYDX3ruff-8aiCtEEw2s1EsECtmlfFU7YlPL71yuDJf_c2ECqd2WThnaDeI2qMNxZXnjO4uQkAppzClvbR4H7e_y92JPSXUY_CrC8j8Xf9-InAePlZILRTFHZ68vEyEAkuw9Nv0g92ezxM49z2h2kl0mEnChAeQdFDHTyyq5uuCPSjeBLiBmbeBjbeHBwVkDzYCPqyfa9TI-X94pDtdbP1rqAwZ7_OF5PpGR6FV_5CAC6GXqH1kmijCIec650n_nz7WH7thZRKUAohcxMNVyRQ13BX4Lq2xjbiRhUxNavtT4lni8JPM2s2-JlUqPwF_GKRs5LUeuPYK6lV972Xs9F4th8f_w93Ei9iNOYGMp1Z_j7PqcUfzLH-ZVVu0BhIYS76BAoD6akp4voHgb6ZHr56-P5pNQlCMPqrcQjbxgRh-bpv15DHciqtJK4ZhinXWae7FKI0FFPoFZAsQfGk_0OZE2qArVg9MZkBkzlw5i_sXM9fgaau4pBl2P2AoQlDB1GHrpPF43ZhmJUEiAwgLoCfM4F-wDx5QHZyMy3d5b2Lf5aEIMMe_yL3KlmoxF-gx7Asp9z6a3aN0zaw4Wz_FyOO-lVA2r_UfTomP6VjqwkpLiT0F9s0g7HweTb4jlnFXihjMCrmzBqMdS3Ou-y_hZyUli2OOiN7mtqhTfp0ycC0ypMaYMAX-lR08oPb-_1-t4UjEM7BGHV3AyRbWhp-pg6cKvrC2zwavvsSa-evOrYshF0uDmcpKJ61tVYoNxhfP6KwfHaNRL_kF77itlhCV6AqWp7g8iTV2wKYeDVrHxDO0ljrVu2JJKahAiLu0nL7mbPYv5Dr90v816J33FYh6TTy7JjWEIpWzBPe0apj9DVVnYxqjkG8HgqKwV5d0VRIEty8dXFaz79gY2yZRWCXbIlycJV6HItU3KZfGqNCCeoIyUhYeskxfXUXwAKw39jrV-NmPtGy01lt3AQj-1pQOiP5azq8JpSJnT6LzlgMpiCieV6Qp2wfL1p4raQNrxE9HNXh3KtUWEpyTe2bX9BFwDJ4i1PqG3qZd7Lem6zoZA9swZplkL4czvHNinO4rcHt0iUvCFCJoC_LlZ412qbrt74PXy9ibcs6wSfOYdSooXhfIJQ-6cuQqyClAHck3ZW2BeghlpW7yIvE9Kd8LX_2layjnA8zPFOeOoqjVU1Pjm21c7SqPijS-W2aBw6eP0CyhQ4vUf0pbTfOTIC2OEfpk5wyJXMDBAcbstUikGp4JbGRctT8T_xNq9hoyGzl4lEONgw7zfcMKHR48ThE3xNgch6yF8FMFnegg_nGct3mfdNFUoejIzgrFt8UeeaLtip3bNWWl_QabAxO1q53cAZxWW_FExicgIAkaXmtgW7a6fkGMCdyO6ihnv2ABV6T7y-mjASPODKW6by-OXEQfzOrITvr8rNyWlfeLsfd1O43djGe9ulOAsQFV2IWYPwQdYSbzzkp-qFYDd9HB21btCE9pnn9usN_aD_7bHiPwT2BNkAFObTvknvAMqfHj_9qC7j6xAHaXi0214ziJFOiSKTE69ZplucMB_3GiVLdK0VNWADY7fzYLUyp00Glh-QQJ7SuW9Af9UML4ZVm8McnvcejJeuFkp-W1q--yVUDmuOGUdNJBuuyrIh8n6r3aXp-5dUJInG-Csn57_rDrJQ998e3nupul_GARIkIM7LBY5fyrnUlbyKrGZiqtfoW4DzhtQXPozRd2cSUgwQkadx7IRJJMiFPJGT1ssGlDWx7fFprab-BOwb7GabL56S9CCdZSltxoHt0YjoDlUkwIOB1fIIoXXZOlhTLN8_XldtUv9oY0LhEhPUM9xb-f19yco14UCIcptTp8MUOFQzhfryp7CEIw3Veo4cdn_ND0LHoMbyp0X8OqFabjXMlunjYBGH_H05bWwjOEU5aWa0WbLIkBkQN4quEN2uCOp6irHg7IhJJbtY4emfzmgx9SfwvOjhz5W4fzApJLlZXKLVqVIECyagnZytfZ2e4laYIsQzQI91rdc2qrW-oFkvi5Y0holqw7BOVLp4lwmDZCCH7qeID2tS5gXy2IwVBmDSrHtOvd7jCGWLw770s3C0cBDTfyihOWKlrqt8BxpUCAQSTgAvHhf_61ZzMahsqTwtogS5mAhaUTn3bO3Kt_Hvf94LLidOBX8an3hWj04RKTjqO7_S6UQVi2op424i2u_9qZvmrXTtbreWK58zNP7gzRgBYAE&cry=1

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ee14bc6bda17c948c3136c5b039935dcaeb836df8703fa45778f26100ec51047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWQ2YD9mGjnlXpLbmRXzAQuAWIHPGnFyrT0dyL01x6k8trByW9n9bUX3r5QXvrkLII4JL4lv0X2MDt_4ubd6yJGv1Qtkqg-yZXmCSDIKcO2yOnfRoL8KWZyxP8UHd5gyq4P__z8XQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 68ms
68ms Script
application/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWQ2YD9mGjnlXpLbmRXzAQuAWIHPGnFyrT0dyL01x6k8trByW9n9bUX3r5QXvrkLII4JL4lv0X2MDt_4ubd6yJGv1Qtkqg-yZXmCSDIKcO2yOnfRoL8KWZyxP8UHd5gyq4P__z8XQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjA4OTgwLDczNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHA6Ly9wb250aWFybWFkYS5jb20vIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2b2af567f6046978c1d90d551a3ae096504538d67126b788a33e53420f6f660

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yHO4QtUujx0jO-3tFgJXkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yHO4QtUujx0jO-3tFgJXkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6OK8-OrGMTeLFw1RcmAN0vRQ4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4C0C 2 KB
564 B 41ms
39ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:29:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:29:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:29:40 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 4C0C 2 KB
822 B 40ms
35ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 07:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 07:56:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 4C0C 23 KB
9 KB 39ms
35ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:39:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 4C0C 3 KB
1 KB 38ms
34ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 20:35:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 4C0C 20 KB
8 KB 65ms
62ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 22:29:40 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4C0C 204 KB
61 KB 34ms
31ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:35:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:35:29 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 4C0C 36 KB
15 KB 36ms
33ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 May 2024 11:33:42 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 158ms
89ms Preflight
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 22:29:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/ Frame 6584 33 KB
5 KB 36ms
35ms Document
text/html 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/ab77659d8aeee68d4ac089b35b98f5ab.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61a0b37ab34701b86fe1eba7b582ce66cc9708cdb2e36af7fb561e8779f2439

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:29:40 GMT
expires: Sun, 16 Feb 2025 22:29:40 GMT
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B62D 111 KB
39 KB 99ms
31ms Script
text/javascript 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: lazarus.co.zw
URL: http://lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/statistics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Feb 2024 19:06:44 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame B62D 12 KB
4 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWC-CiAIXpIlB1Bwta_0Hid-9WqBekXsSFhcJ1R_czAybasMIM&d=CpkBAKAmf-Cm8kF72AqysQXIZ_IbyMLZVl97OzSqLd2uGBWlR_naWJGbdnc_G_wTQafI8qDz5CUgynSpbZTELVgq9XZvyAf5j3Ev7y6hzM779-7qrcY1HdoMRHGEuYDiFJg77V7qYKqIsHobPw1lvkbBef-g-WvPT12xhXTIWl7RsSQWv5Q8ybuWpCtvE86z5-4EjFPQLoUaeMR_EvkVAKAmf-C0A_mi5P9pT19PqDtBGeonu73DymAIYfXRsLa24uG7RuVuUl6EIxEB8Sgijnp_ObJTJ9ZJa5fDubZppJb-kJP5DptDCBxglYQZ9t5I9uBIuLldLgq6L7fo1cbCnRn9c1wNSZWr9KtdodXtg65s99JRXh5fttnSOdyfRHzR5fR3IQJHIyokHVSpruo0OLSx9ghDAANSHCLAcbfz8BJQUzVIF9rIf9U45LiiNVloJJf8OottF3nEs8z8GaGnaBPjo1t_9u2LCgGY6mgzUj4wkoD4CgXWD0AmHLSiUgVBqALoDlpLHrgbM9r94TNncyLLBK5XU9L8jHWDCoTTIdiaUEcQaSx6P63YyeUZ-Z8esZfJVLXRsgYT3wwuvVNz9FJNgnMke2Ti_WqRPAtPjr1Z7lMwXmZ1UIuB0POrK-BjWiZXHqLMPcBo3aeUw_GDKxsuuYOkK8KDTwvPIaIumGdh4lNImWG_RhYpUFneIVRCT4iuoi-WHG6DcvKoHgu3vfmSR6maQ71fmHp_f-sxF_iSxgcChmSOlUlY55yMbPgnPGzqiW-E3DD9r1FfzkIkT6h_sp7Hx7rMzjN9QUTUMBzCCmfgyt5zXGfmsHf6zP9YsgR4yHxPxOzGDJTvkitXg84dsmEe-wvcX7Hqp3N-RtHF05d5Lfb1T80-6skohZwHpopew1_-CGsGl5HyTq2KxcJd-TG9E4ZRk6__En3C5r36aMdy-biUViI1ofyvs1DoSyS-UHmea02b-6YbmURMuHwGEZ12m3q8QHQNF4_BB25xEXHqylVnE_fRKQuart1OUR2a9IP8xr0SSYSXt69_adNcJMjnf9s_viVjSgFXJmseH5Fd16LfRQfmvyzD2wbIgWi6rBJaurRtcJ0LcckqFBVUOCxpYPGH2qEpLkMeqyQOHjmU3tlXyPpcB8z3FS1JlNn6xZf2XRvrF0v-2n7QRFBNjAhJoWAG3C8o-PyCV-8QAtNmejYvmgaNxJzDJAeWoRgFViiklQjuqtwajq0qfILdH9XWTT5XvG4f_ORqgOwyLMYnjXHz-KGB0b_r3tq6wFw6KunGzyHZSIHQvVmu1BHrzbfxP3uZnBemBz1EBqXXDFgaGWDYe7f59ct7MhnEOJKJW3mv-H52CmulNTI5epBP6uVO3Y9MWCdyvHG4KH0_v-1QRDu2i0pwpivXc0frPBZjnFrIXCS7g-EPa8JddjNPYGV6dXFLP_GisNxd7iIcrKRe3x8sn6ACXrd7hb0gUhOuf130bLTkFbhDAUyTs1GThDjFawZ4YhL4sbmG2SWox31BgfOlS44QL-eFwv7Qr74WvXNgnByH54gYeDztmY4aP5kfXt5_2dbsWie1QgqSw1g0nuN8_pcszIrnJ49JB-62dEnxTbDSAhohhjUECi_Gctjso0FFQZz3nf_XHzNVLsT7GB-yGasu0l7WySZYly1Ea0icpI0zxrhCqxxDGYkNd-la25DBLlQXyhf8i00zIUicg4347SjgHrc7gx4M_DnvI7rjWkZwF2qy6tMfOA-t-fcWqSwpgZR-7Pv-DaRXMRdHpgfuLl0JZ8BgINL_Xd2U2EnKIXcXltp-ytsGlUEx1Yv7wc_IMSaF3R6EB7iSnDYmw8-MYDX3ruff-8aiCtEEw2s1EsECtmlfFU7YlPL71yuDJf_c2ECqd2WThnaDeI2qMNxZXnjO4uQkAppzClvbR4H7e_y92JPSXUY_CrC8j8Xf9-InAePlZILRTFHZ68vEyEAkuw9Nv0g92ezxM49z2h2kl0mEnChAeQdFDHTyyq5uuCPSjeBLiBmbeBjbeHBwVkDzYCPqyfa9TI-X94pDtdbP1rqAwZ7_OF5PpGR6FV_5CAC6GXqH1kmijCIec650n_nz7WH7thZRKUAohcxMNVyRQ13BX4Lq2xjbiRhUxNavtT4lni8JPM2s2-JlUqPwF_GKRs5LUeuPYK6lV972Xs9F4th8f_w93Ei9iNOYGMp1Z_j7PqcUfzLH-ZVVu0BhIYS76BAoD6akp4voHgb6ZHr56-P5pNQlCMPqrcQjbxgRh-bpv15DHciqtJK4ZhinXWae7FKI0FFPoFZAsQfGk_0OZE2qArVg9MZkBkzlw5i_sXM9fgaau4pBl2P2AoQlDB1GHrpPF43ZhmJUEiAwgLoCfM4F-wDx5QHZyMy3d5b2Lf5aEIMMe_yL3KlmoxF-gx7Asp9z6a3aN0zaw4Wz_FyOO-lVA2r_UfTomP6VjqwkpLiT0F9s0g7HweTb4jlnFXihjMCrmzBqMdS3Ou-y_hZyUli2OOiN7mtqhTfp0ycC0ypMaYMAX-lR08oPb-_1-t4UjEM7BGHV3AyRbWhp-pg6cKvrC2zwavvsSa-evOrYshF0uDmcpKJ61tVYoNxhfP6KwfHaNRL_kF77itlhCV6AqWp7g8iTV2wKYeDVrHxDO0ljrVu2JJKahAiLu0nL7mbPYv5Dr90v816J33FYh6TTy7JjWEIpWzBPe0apj9DVVnYxqjkG8HgqKwV5d0VRIEty8dXFaz79gY2yZRWCXbIlycJV6HItU3KZfGqNCCeoIyUhYeskxfXUXwAKw39jrV-NmPtGy01lt3AQj-1pQOiP5azq8JpSJnT6LzlgMpiCieV6Qp2wfL1p4raQNrxE9HNXh3KtUWEpyTe2bX9BFwDJ4i1PqG3qZd7Lem6zoZA9swZplkL4czvHNinO4rcHt0iUvCFCJoC_LlZ412qbrt74PXy9ibcs6wSfOYdSooXhfIJQ-6cuQqyClAHck3ZW2BeghlpW7yIvE9Kd8LX_2layjnA8zPFOeOoqjVU1Pjm21c7SqPijS-W2aBw6eP0CyhQ4vUf0pbTfOTIC2OEfpk5wyJXMDBAcbstUikGp4JbGRctT8T_xNq9hoyGzl4lEONgw7zfcMKHR48ThE3xNgch6yF8FMFnegg_nGct3mfdNFUoejIzgrFt8UeeaLtip3bNWWl_QabAxO1q53cAZxWW_FExicgIAkaXmtgW7a6fkGMCdyO6ihnv2ABV6T7y-mjASPODKW6by-OXEQfzOrITvr8rNyWlfeLsfd1O43djGe9ulOAsQFV2IWYPwQdYSbzzkp-qFYDd9HB21btCE9pnn9usN_aD_7bHiPwT2BNkAFObTvknvAMqfHj_9qC7j6xAHaXi0214ziJFOiSKTE69ZplucMB_3GiVLdK0VNWADY7fzYLUyp00Glh-QQJ7SuW9Af9UML4ZVm8McnvcejJeuFkp-W1q--yVUDmuOGUdNJBuuyrIh8n6r3aXp-5dUJInG-Csn57_rDrJQ998e3nupul_GARIkIM7LBY5fyrnUlbyKrGZiqtfoW4DzhtQXPozRd2cSUgwQkadx7IRJJMiFPJGT1ssGlDWx7fFprab-BOwb7GabL56S9CCdZSltxoHt0YjoDlUkwIOB1fIIoXXZOlhTLN8_XldtUv9oY0LhEhPUM9xb-f19yco14UCIcptTp8MUOFQzhfryp7CEIw3Veo4cdn_ND0LHoMbyp0X8OqFabjXMlunjYBGH_H05bWwjOEU5aWa0WbLIkBkQN4quEN2uCOp6irHg7IhJJbtY4emfzmgx9SfwvOjhz5W4fzApJLlZXKLVqVIECyagnZytfZ2e4laYIsQzQI91rdc2qrW-oFkvi5Y0holqw7BOVLp4lwmDZCCH7qeID2tS5gXy2IwVBmDSrHtOvd7jCGWLw770s3C0cBDTfyihOWKlrqt8BxpUCAQSTgAvHhf_61ZzMahsqTwtogS5mAhaUTn3bO3Kt_Hvf94LLidOBX8an3hWj04RKTjqO7_S6UQVi2op424i2u_9qZvmrXTtbreWK58zNP7gzRgBYAE&cry=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame B62D 30 KB
11 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:31:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:31:08 GMT

GET
H/1.1 200
OK dv-measurements5440.js Show response
cdn.doubleverify.com/ Frame E7DE 416 KB
100 KB 33ms
33ms Script
application/javascript 2600:1408:5400:23::b819:7f4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5440.js
Requested by: Host: lazarus.co.zw
URL: http://lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/statistics
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:5400:23::b819:7f4b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3715577017a81981822750d6021cefbf2cf852f29bdb0b054d6496661c6048a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2024 08:02:46 GMT
Server: UploadServer
ETag: "b35ef464a7d552ff3fdb2e7fab469286"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101476
Expires: Sun, 16 Feb 2025 22:29:40 GMT

GET
DATA 200
OK truncated
/ Frame B62D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5136dc38ef1acef9d4d52b173a0c69fc2a8ab32e7625e86b44487f382793e80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B6F2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0aa7681ff91a1b1ca1dbae823869bb2db6251ecb3638bc09aed0132d1c6301b8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6584 6 KB
3 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 02:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 18 Feb 2024 02:51:18 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6584 37 KB
14 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9412328c893fb4c6709628ccd2abe0fb40ac5479f67a4fc9811f9626971ab543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 01:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13986
x-xss-protection: 0
server: cafe
etag: 13700676731869450326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 18 Feb 2024 01:36:46 GMT

GET
H3 200 383954e7968e76654f7d49b137dccd5f.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/ Frame 6584 73 KB
22 KB 36ms
35ms Script
application/x-javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/383954e7968e76654f7d49b137dccd5f.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a63005fe820559e09ba5303a236ceaceb20700f320122350ed183f66889116a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 16 Feb 2025 22:29:41 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
39ms Ping
text/plain 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HBKKV0FTSN&gtm=45je42e0v9109091153za200&_p=1708208979347&gcd=13l3l3l3l1&npa=0&dma=0&cid=1522731977.1708208980&ul=en-us&sr=1600x1200&pscdl=noapi&_eu=AEII&_s=2&sid=1708208979&sct=1&seg=0&dl=http%3A%2F%2Fpontiarmada.com%2F&dr=http%3A%2F%2Fredirect4.xyz%2F&dt=SPORT%20NEWS%20%E2%80%93%20pontiarmada.com&en=ad_impression&ep.query_id=CJ2Hyqu2s4QDFaSO7gEd4N0L8w&_et=836&tfd=2127
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBKKV0FTSN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://pontiarmada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B9C 51 KB
19 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: lazarus.co.zw
URL: http://lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/statistics

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 17:16:26 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E7DE 718 B
752 B 211ms
57ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=178&ttfrms=24&brid=3&brver=121.0.6167.184&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauA%40%3FE%3A2C%3E252%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTauA%40%3FE%3A2C%3E252%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1708208981091338&jsCallback=dvCallback_1708208981091292&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5440&tgjsver=5440&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8891303795668056%26output%3Dhtml%26h%3D250%26slotname%3D9200663831%26adk%3D1139646415%26adf%3D3591968409%26pi%3Dt.ma~as.9200663831%26w%3D310%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1708208979%26rafmt%3D1%26format%3D310x250%26url%3Dhttp%253A%252F%252Fpontiarmada.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1708208979536%26bpp%3D1%26bdt%3D343%26idt%3D305%26shv%3Dr20240215%26mjsv%3Dm202402120101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C710x280%252C710x280%252C710x280%26nras%3D1%26correlator%3D8137725721193%26frm%3D20%26pv%3D1%26ga_vid%3D1522731977.1708208980%26ga_sid%3D1708208980%26ga_hid%3D361656601%26ga_fc%3D1%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1045%26ady%3D543%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808398%252C31081188%252C31081222%252C42531705%252C44795922%252C95322434%252C95322745%252C95324581%252C95325066%252C31081168%252C95322181%252C95324155%252C95324161%252C95324434%26oid%3D2%26pvsid%3D3004240130396446%26tmod%3D1983950752%26uas%3D0%26nvt%3D1%26ref%3Dhttp%253A%252F%252Fredirect4.xyz%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26dtd%3D310&fcifrms=13&brh=2&dvp_epl=248&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=http://pontiarmada.com/&c1=134&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0iwaX-H1qZoqebgmmCrosYi&aucmp=20880324188&aucrtv=539770212&auorder=1015263141&ausite=406937596949&auxch=1&pltfrm=1&aufilter1=134&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=628722708.0230377&ee_dp_sukv=628722708.0230377&dvp_tukv=22021066923.325188&ee_dp_tukv=22021066923.325188&dvp_strhd=0.39999961853027344&dvpx_strhd=0.39999961853027344&dvp_tuid=1052688289021&jurtd=2914652621
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5440.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 41de9d2ca203452dffd65d9c1799050755d1d160afa8030e62022a664db58b52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 22:29:41 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 02/16/2024 22:29:41

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame B62D 9 KB
4 KB 32ms
31ms Script
application/javascript 2600:1408:5400:23::b819:7f4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=875628&cmp=31080322&sid=6316021&plc=383957415&num=&adid=&advid=2530996&adsrv=1&region=30&btreg=575107441&btadsrv=doubleclick&crt=&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:5400:23::b819:7f4b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0137c21026bfb70d6c38ea2c4bfe12b1ce6d9e9765f061a87afa10e89100e41d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2024 12:17:38 GMT
Server: UploadServer
ETag: "98a9100cf96e4be6a7f344bd733fdb63"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3637
Expires: Sat, 17 Feb 2024 22:44:41 GMT

GET
H3 200 300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html Show response
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 7 KB
3 KB 97ms
33ms Document
text/html 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e06a4d6ea8336635f0b20f6ea7cbc13263eb5bfca382c4f156c7a76f0732743f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 62905
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2616
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 05:01:16 GMT
expires: Sun, 16 Feb 2025 05:01:16 GMT
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame B62D 0
0 158ms
91ms Fetch
image/gif 142.251.167.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvHDLYHDpSVJu5Q0yfB8dhf820wTM9BqexUys2V6kt-JVi9lXzHo_6sz11or6_0BaNTWcV8MolU-gYGWPreXZHHOn6CzNr6uynbPSQPbjnJJJnuJE-VXZzjVuWEd2dsx4T_pKcQ1fAfXH5ahK9HZ4f_0iSRuQOxf905ArFMZ7dyZiULLouCNXjmg3D3bdP8XhTgd5xC-mfP_kxnBluz9vwviKRI8ICafFw&sai=AMfl-YTSHU-GUFufAJRZ2p5tHfjOyMn8an8DJYYmfAJAANZKngUl8ctULNJNeeF2UpuZyBib176ZS6v96FpgDrTy56ErHjHT4so0Vw0ip2ATHRPOj5mR5snW1zfmHY8rwHlxGYaJP0qKyD_kww&sig=Cg0ArKJSzIkpuNNyCOeKEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9zY2h3YWIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=221&cbvp=1&cstd=218&cisv=r20240215.41224&arae=0&ftch=1&adurl=

Requested by

Host: lazarus.co.zw
URL: http://lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/statistics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.149 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:29:41 GMT

GET
H2

200

p2
sb.scorecardresearch.com/ Frame B62D
Redirect Chain

https://sb.scorecardresearch.com/p?c1=3&c2=6035777&c3=31080322&c4=165110407&c5=383957415&c6=&c10=1&c11=6316021&c13=&c16=dfa&cj=1&ax_fwd=1&rn=2684342429
https://sb.scorecardresearch.com/p2?c1=3&c2=6035777&c3=31080322&c4=165110407&c5=383957415&c6=&c10=1&c11=6316021&c13=&c16=dfa&cj=1&ax_fwd=1&rn=2684342429

43 B
297 B

44ms
44ms

Image
image/gif

3.162.3.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=3&c2=6035777&c3=31080322&c4=165110407&c5=383957415&c6=&c10=1&c11=6316021&c13=&c16=dfa&cj=1&ax_fwd=1&rn=2684342429
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=305&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=310
Protocol: H2
Server: 3.162.3.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-20.yul62.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
via: 1.1 cd7813a109893bc5bd95f0672350e59c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: YUL62-P2
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: JIHU37j8o5bfxjKP42se4qeRSb-Q1inYeh86smrkRwsot8VI_Cp9aA==

Redirect headers

date: Sat, 17 Feb 2024 22:29:41 GMT
via: 1.1 cd7813a109893bc5bd95f0672350e59c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: YUL62-P2
x-cache: Miss from cloudfront
location: /p2?c1=3&c2=6035777&c3=31080322&c4=165110407&c5=383957415&c6=&c10=1&c11=6316021&c13=&c16=dfa&cj=1&ax_fwd=1&rn=2684342429
content-length: 0
x-amz-cf-id: jKP2P2oPl-08V6-zz5w8kAQLRNkdqCKZx_eePNsaVv7eJMJUI-GDCA==

GET
H/1.1

200
OK

a.gif
count.schwab.com/b/ Frame B62D
Redirect Chain

https://count.schwab.com/1/d/c.gif?aqet=imp&img=true&adv=2530996&ag=UM&ca=31080322&cr=165110407&pl=383957415&r=2684342429&si=6316021
https://count.schwab.com/b/a.gif?gdpr=T&tt=c.gif&reload=true&z_evid=747A9D9AA3015603B8B8B82DD030A4D84C02928C297C68C2BF06FF9609BE4906&img=true

42 B
304 B

46ms
45ms

Image
image/gif

23.48.104.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://count.schwab.com/b/a.gif?gdpr=T&tt=c.gif&reload=true&z_evid=747A9D9AA3015603B8B8B82DD030A4D84C02928C297C68C2BF06FF9609BE4906&img=true
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=305&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=310
Protocol: HTTP/1.1
Server: 23.48.104.104 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-104.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 22:29:41 GMT
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Expires: Sat, 17 Feb 2024 22:29:41 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 22:29:41 GMT
Content-Type: text/html
Location: /b/a.gif?gdpr=T&tt=c.gif&reload=true&z_evid=747A9D9AA3015603B8B8B82DD030A4D84C02928C297C68C2BF06FF9609BE4906&img=true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 0
Expires: Sat, 17 Feb 2024 22:29:41 GMT

GET
H2 200 beacon
tag.researchnow.com/t/ Frame B62D 42 B
434 B 118ms
31ms Image
image/gif 3.161.213.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=289304&adn=3&ca=31080322&si=6316021&pl=383957415&cr=165110407&did=ADID&ord=2684342429&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1708208979&rafmt=1&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708208979536&bpp=1&bdt=343&idt=305&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C710x280%2C710x280%2C710x280&nras=1&correlator=8137725721193&frm=20&pv=1&ga_vid=1522731977.1708208980&ga_sid=1708208980&ga_hid=361656601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081188%2C31081222%2C42531705%2C44795922%2C95322434%2C95322745%2C95324581%2C95325066%2C31081168%2C95322181%2C95324155%2C95324161%2C95324434&oid=2&pvsid=3004240130396446&tmod=1983950752&uas=0&nvt=1&ref=http%3A%2F%2Fredirect4.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=310
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-115.yul62.r.cloudfront.net
Software: Apache/2.4.57 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:49:57 GMT
via: 1.1 480d73d26133a5d3268f9cfc7c99d59c.cloudfront.net (CloudFront)
server: Apache/2.4.57 ()
x-amz-cf-pop: YUL62-P1
age: 2384
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: 0jgOesCjF9o79EtuUhkg1fqdJkQ45K57ADFWgSyZaaiF8xmhkq6-tA==
expires: 0

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame FFC0 236 KB
63 KB 165ms
60ms Script
text/javascript 2600:1402:8800::1728:cd8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1402:8800::1728:cd8a Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sat, 17 Feb 2024 22:44:41 GMT

GET
H3 200 300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.js Show response
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 51 KB
7 KB 33ms
33ms Script
application/x-javascript 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a5e7480e1f507dd16b5eac219395102aa0ed03745de91bd9c1913644f7418e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 05:01:16 GMT
date: Sat, 17 Feb 2024 05:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6631
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 _preloader.gif
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 2 KB
2 KB 33ms
32ms Image
image/gif 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/_preloader.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 14:12:47 GMT
date: Sat, 17 Feb 2024 14:12:47 GMT
x-content-type-options: nosniff
age: 29814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1949
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 css
fonts.googleapis.com/ Frame 6584 5 KB
766 B 47ms
46ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300i|Exo:700|Exo:500i

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/383954e7968e76654f7d49b137dccd5f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

286d93e1d3abaf986eb3246df05ceaeb3b157831a13fa17d5349ec56c4ba38f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:29:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 22:24:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:29:41 GMT

GET
H3 200 4fde2fa90b299f39ea779c47a4f393f5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/ Frame 6584 8 KB
8 KB 33ms
32ms Image
image/jpeg 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/4fde2fa90b299f39ea779c47a4f393f5.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

529dc12b5cbfeb4a5c2e170dd649e6b148753385005680771cab4319444f81c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 22:28:51 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 22:28:51 GMT
x-content-type-options: nosniff
age: 50
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8124
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8d0b6bc1a5f132253ea828c1d85b8fb2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/ Frame 6584 8 KB
8 KB 41ms
40ms Image
image/jpeg 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/8d0b6bc1a5f132253ea828c1d85b8fb2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57b47dac0ec2b10c8f65753985cf0028b0751965fd7c8563df32786d2fc7273e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8540
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 16 Feb 2025 22:29:41 GMT

GET
H3 200 573a9878d15e04ad8afb2eb7053a2c68.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/ Frame 6584 12 KB
13 KB 35ms
34ms Image
image/png 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/573a9878d15e04ad8afb2eb7053a2c68.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9469b9c9091afa28a875226a4cf99b386ee87566643a08210382d9575b767f96

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12775
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 16 Feb 2025 22:29:41 GMT

GET
H3 200 1e12b92b74f97e063330ab4fa7a93629.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/ Frame 6584 5 KB
5 KB 33ms
33ms Image
image/png 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/1e12b92b74f97e063330ab4fa7a93629.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df6f6f41a8892552126baeaf26b3abf4c990bbf5b6489232db12d36c6f9b2a21

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 19:34:21 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 19:34:21 GMT
x-content-type-options: nosniff
age: 10520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4835
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 df753e8eb52941d635ec97c05029e9b2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/ Frame 6584 3 KB
3 KB 39ms
39ms Image
image/png 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/df753e8eb52941d635ec97c05029e9b2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5b1ffe17c640ebec05a2c1913d898a0f1d9fb65c2ba415bf5fdaa6b573a39cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2761
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 16 Feb 2025 22:29:41 GMT

GET
H/1.1 200
OK dv-measurements5440.js Show response
cdn.doubleverify.com/ Frame B9D6 416 KB
100 KB 33ms
33ms Script
application/javascript 2600:1408:5400:23::b819:7f4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5440.js
Requested by: Host: lazarus.co.zw
URL: http://lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/statistics
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:5400:23::b819:7f4b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3715577017a81981822750d6021cefbf2cf852f29bdb0b054d6496661c6048a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 22:29:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2024 08:02:46 GMT
Server: UploadServer
ETag: "b35ef464a7d552ff3fdb2e7fab469286"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101476
Expires: Sun, 16 Feb 2025 22:29:41 GMT

GET
H2 200 z7NHdQDnbTkabZAIOl9il_O6KJj73e7Fd_-7suD8Rb2V.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ Frame 6584 13 KB
13 KB 33ms
31ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NHdQDnbTkabZAIOl9il_O6KJj73e7Fd_-7suD8Rb2V.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300i|Exo:700|Exo:500i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eb7692c61b6b00555bf65ad4ec452441910715d6e2c81b1e99d6d008b38b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:27:17 GMT
x-content-type-options: nosniff
age: 169344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13448
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:11:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:27:17 GMT

GET
H2 200 4UaZrEtFpBI4f1ZSIK9d4LjJ4rQwOwRmOw.woff2
fonts.gstatic.com/s/exo/v21/ Frame 6584 12 KB
12 KB 44ms
43ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v21/4UaZrEtFpBI4f1ZSIK9d4LjJ4rQwOwRmOw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300i|Exo:700|Exo:500i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f77807e92c449bfa6c398ee90d6d185ce96a69f8b8bf35cafadc37c2483d532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:21:43 GMT
x-content-type-options: nosniff
age: 169678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12224
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:21:43 GMT

GET
H2 200 4UafrEtFpBISdmSt-MY2ehbO95t00UBWOXYt.woff2
fonts.gstatic.com/s/exo/v21/ Frame 6584 13 KB
13 KB 37ms
37ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v21/4UafrEtFpBISdmSt-MY2ehbO95t00UBWOXYt.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300i|Exo:700|Exo:500i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08fc618c45475a736f3f14120d652048fd12c66fa248f988359349468f1b2c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:55:31 GMT
x-content-type-options: nosniff
age: 2050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13284
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 21:55:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 416D 0
20 B 93ms
93ms Image
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BA___VDPRZZ3rGdHljvQP3umy2A0AAAAAOAHgBAI&bg=!IiGlIW7NAAZN4L4YbeA7ADQBe5WfOFLH5CVtiQkcvT2qM1MGQF5EH9kAUuyQ-zPGHylDZCztKkOXhf9PpaBopac3ppvkAgAAAg5SAAAAAmgBB5kDG6YOBzIvcQBH0ajnxrkIrrswj6t2EaMrNDYp83FN6q53XzvcFI_lpBX9EjRj2Bi_8oqv8Grk0K1cg8pfIVy4QlxEyKakYcxYiaNbaXTZdBYxXLAGwbaCda_qED2rW_UADjWKYfhXBADZz4QesbrVXi5ztfSkD0b2J49zTLwRKenu5OR21VyTbB9zgh5h0_AsU80EOlAKmEmr3yk11rHdI-hsRC1Xtnx-HOhEFDb9K6t6oY6MJkJd2K-Us2ByKPY1ylBmJJrF8vjkwbsYYn0aGS8UG4JLoS0TgekxvmuAA37K7C7BVuzNC9Pc320NF0N3YH-wrmzpsl2EkHRl6IECWtbRYpK--Uwb2hFeS8Ca8udp_EXi_S3Gv7kRVEBVQVoERFmpCYXLBaaNFlwlxpEk-nw0a6jAC--GJHmyN741jxdSMF3bM8dVb0e_r9m_ZdMmod451OvgSbdlqrzLSYo8VzMhWgPq7HAvq59v_2B4qxqzPqCeo0Oc-NZyZqyl5ygLxtZoj91goHjLRXL0x5Dl4eN452o7L7MPN_7SphEJ_WfEE51iqXmYyKMop7XWKdYW1FTZ_Pf8fnTxu-Y4sUOce4aFSrfrVNV8NjlgFnvKO4MWNJGjMFSHVrpLYgEPoS1jBgGSsT6XINy6Pwe1m4X2PpUL5WiZoWlIdwm5E8el4J93CbPDI7xIVuyEbjCxqNLDgK6X24YpCm72LKD0j49BZ3tU_Vus4M9ZNT8UcTMl96msSSnAmUXkPjFv7UTdYGRLDuLAZab4G7v2BDticBVCFlCmLNynXFN1M41nBkaTKbX4Pfh3fQaoP8Oo8BsOJ5mCvm0yxTXjmafKTiItmBwRH_TFBhujk5jkOdfEGiDA2YewsYQCkDkZJKuPr-C5Svfi3p8IDOZsPMAmKGALP75ijdYSeFyDK2yHQKb5gqQIqBUFBvVA0uHlC8fL__NdY7hOLwXO8KF8ciVH6ShtgCcH9WNLOx9Lo4sP0lH9GpF0t0ZwCHaduBZKkTAa9XUU6ryfD1CgRFLKqb51d-Zz-sPp86qrQwoplxLDw1G0ww

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame B9D6 748 B
767 B 55ms
55ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=65&ttfrms=7&brid=3&brver=121.0.6167.184&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauA%40%3FE%3A2C%3E252%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTauA%40%3FE%3A2C%3E252%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=868&ddur=33&uid=1708208981400167&jsCallback=dvCallback_1708208981400307&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5440&tgjsver=5440&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8891303795668056%26output%3Dhtml%26h%3D250%26slotname%3D9200663831%26adk%3D1139646415%26adf%3D3591968409%26pi%3Dt.ma~as.9200663831%26w%3D310%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1708208979%26rafmt%3D1%26format%3D310x250%26url%3Dhttp%253A%252F%252Fpontiarmada.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1708208979536%26bpp%3D1%26bdt%3D343%26idt%3D305%26shv%3Dr20240215%26mjsv%3Dm202402120101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C710x280%252C710x280%252C710x280%26nras%3D1%26correlator%3D8137725721193%26frm%3D20%26pv%3D1%26ga_vid%3D1522731977.1708208980%26ga_sid%3D1708208980%26ga_hid%3D361656601%26ga_fc%3D1%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1045%26ady%3D543%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808398%252C31081188%252C31081222%252C42531705%252C44795922%252C95322434%252C95322745%252C95324581%252C95325066%252C31081168%252C95322181%252C95324155%252C95324161%252C95324434%26oid%3D2%26pvsid%3D3004240130396446%26tmod%3D1983950752%26uas%3D0%26nvt%3D1%26ref%3Dhttp%253A%252F%252Fredirect4.xyz%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26dtd%3D310&fcifrms=13&brh=2&dvp_epl=248&noc=4&nav_pltfrm=Win32&ctx=875628&cmp=31080322&sid=6316021&plc=383957415&btreg=575107441&btadsrv=doubleclick&adsrv=1&advid=2530996&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=30&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=628722708.0230377&ee_dp_sukv=628722708.0230377&dvp_tukv=193400066279.77335&ee_dp_tukv=193400066279.77335&dvp_strhd=0.1999988555908203&dvpx_strhd=0.1999988555908203&dvp_tuid=394154372701&jurtd=452061803
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5440.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: fc30be203f97cbf9c49b7db6f66b22a8558d2c6c956ecff7db21140a374cdd78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 22:29:41 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 02/16/2024 22:29:41

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B6F2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CSvC5UzPRZbjdNP-_kPIPu9efmA7gqMTwda-B0cr5ErCQHxABINXo1EZgye6Oi8CkjBCgAd21luMDyAEJqAMByANIqgT7AU_QY9GNsl2rUUbeBKdBqi6-Il5iXBRjFH2kKdm-KY8grvdODN6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x61e289f1d1faf0da0000000000000000%22,%222%22:%220x970b1c6209eb0cc70000000000000000%22,%223%22:%220xa02a69...

0
0

89ms
88ms

Fetch
text/css

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x61e289f1d1faf0da0000000000000000%22,%222%22:%220x970b1c6209eb0cc70000000000000000%22,%223%22:%220xa02a69142f31310f0000000000000000%22,%224%22:%220xd7918a05a8c618d20000000000000000%22,%225%22:%220xa5785a6c028ea2b30000000000000000%22},%22debug_key%22:%2216830532869609418790%22,%22debug_reporting%22:true,%22destination%22:%22https://wilkinsrv.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221013291741%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218103302424969986097%22}&andc=true

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x61e289f1d1faf0da0000000000000000","2":"0x970b1c6209eb0cc70000000000000000","3":"0xa02a69142f31310f0000000000000000","4":"0xd7918a05a8c618d20000000000000000","5":"0xa5785a6c028ea2b30000000000000000"},"debug_key":"16830532869609418790","debug_reporting":true,"destination":"https://wilkinsrv.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1013291741"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"18103302424969986097"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:29:41 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x61e289f1d1faf0da0000000000000000","2":"0x970b1c6209eb0cc70000000000000000","3":"0xa02a69142f31310f0000000000000000","4":"0xd7918a05a8c618d20000000000000000","5":"0xa5785a6c028ea2b30000000000000000"},"debug_key":"16830532869609418790","debug_reporting":true,"destination":"https://wilkinsrv.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1013291741"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"18103302424969986097"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4fde2fa90b299f39ea779c47a4f393f5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/ Frame 6584 8 KB
8 KB 33ms
33ms Image
image/jpeg 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/4fde2fa90b299f39ea779c47a4f393f5.jpg

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

529dc12b5cbfeb4a5c2e170dd649e6b148753385005680771cab4319444f81c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 22:28:51 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 22:28:51 GMT
x-content-type-options: nosniff
age: 50
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8124
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8d0b6bc1a5f132253ea828c1d85b8fb2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/ Frame 6584 8 KB
8 KB 42ms
41ms Image
image/jpeg 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/8d0b6bc1a5f132253ea828c1d85b8fb2.jpg

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57b47dac0ec2b10c8f65753985cf0028b0751965fd7c8563df32786d2fc7273e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 22:29:41 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8540
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 573a9878d15e04ad8afb2eb7053a2c68.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/ Frame 6584 12 KB
13 KB 36ms
35ms Image
image/png 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/573a9878d15e04ad8afb2eb7053a2c68.png

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9469b9c9091afa28a875226a4cf99b386ee87566643a08210382d9575b767f96

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 22:29:41 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12775
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1e12b92b74f97e063330ab4fa7a93629.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/ Frame 6584 5 KB
5 KB 34ms
33ms Image
image/png 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/1e12b92b74f97e063330ab4fa7a93629.png

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df6f6f41a8892552126baeaf26b3abf4c990bbf5b6489232db12d36c6f9b2a21

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 19:34:21 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 19:34:21 GMT
x-content-type-options: nosniff
age: 10520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4835
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 df753e8eb52941d635ec97c05029e9b2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/ Frame 6584 3 KB
3 KB 42ms
42ms Image
image/png 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/media/df753e8eb52941d635ec97c05029e9b2.png

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5b1ffe17c640ebec05a2c1913d898a0f1d9fb65c2ba415bf5fdaa6b573a39cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15340956597839903043/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 22:29:41 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2761
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 17:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame 922D 51 KB
19 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 17:16:26 GMT

GET
H3 200 bdr.png
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 254 B
282 B 32ms
32ms Image
image/png 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/bdr.png?1637007779119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e156d1bc25e96d0b8e2b50f10b0993887b728288470c8ab178a4049e4fb2e818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 05:01:16 GMT
date: Sat, 17 Feb 2024 05:01:16 GMT
x-content-type-options: nosniff
age: 62905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame B62D 0
0 93ms
91ms Fetch
image/gif 142.251.167.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvHDLYHDpSVJu5Q0yfB8dhf820wTM9BqexUys2V6kt-JVi9lXzHo_6sz11or6_0BaNTWcV8MolU-gYGWPreXZHHOn6CzNr6uynbPSQPbjnJJJnuJE-VXZzjVuWEd2dsx4T_pKcQ1fAfXH5ahK9HZ4f_0iSRuQOxf905ArFMZ7dyZiULLouCNXjmg3D3bdP8XhTgd5xC-mfP_kxnBluz9vwviKRI8ICafFw&sai=AMfl-YTSHU-GUFufAJRZ2p5tHfjOyMn8an8DJYYmfAJAANZKngUl8ctULNJNeeF2UpuZyBib176ZS6v96FpgDrTy56ErHjHT4so0Vw0ip2ATHRPOj5mR5snW1zfmHY8rwHlxGYaJP0qKyD_kww&sig=Cg0ArKJSzIkpuNNyCOeKEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9zY2h3YWIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=671&vt=11&dtpt=450&dett=3&cstd=218&cisv=r20240215.41224&arae=0&ftch=1&adurl=

Requested by

Host: lazarus.co.zw
URL: http://lazarus.co.zw/index.php/using-joomla/extensions/modules/utility-modules/statistics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.149 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:29:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 66ms
65ms XHR
application/json 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1754dca87a216948961f8a782ff8508d3d5b1f27ec52b293ebbed9e353bf7e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12211
x-xss-protection: 0

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame 6584 51 KB
19 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 17:16:26 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 90ms
89ms Preflight
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 22:29:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bullet1.png
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 4 KB
4 KB 32ms
31ms Image
image/png 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/bullet1.png?1637007779119

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c3a22ef087bea764ee94e11fcc569ea18a0694b885ea64b0952b51553469e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 05:01:16 GMT
date: Sat, 17 Feb 2024 05:01:16 GMT
x-content-type-options: nosniff
age: 62905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3939
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081168

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 22:29:41 GMT

GET
H3 200 bullet2.png
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 2 KB
2 KB 32ms
32ms Image
image/png 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/bullet2.png?1637007779119

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

334cec9d9427ede95ef44ffc79c16746486b709c16836bde8227dc9935e42af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 05:01:17 GMT
date: Sat, 17 Feb 2024 05:01:17 GMT
x-content-type-options: nosniff
age: 62904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ctaBtn.png
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 2 KB
2 KB 32ms
31ms Image
image/png 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/ctaBtn.png?1637007779119

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5ae3694c353d3dd26647d028906e092266f006d5fc58b6c73996759b07c8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 05:01:17 GMT
date: Sat, 17 Feb 2024 05:01:17 GMT
x-content-type-options: nosniff
age: 62904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1566
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B9C 13 KB
5 KB 33ms
33ms Document
text/html 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 31854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 13:38:47 GMT
expires: Sun, 16 Feb 2025 13:38:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D0BE 829 B
1 KB 115ms
48ms Document
text/html 2607:f8b0:4004:c0b::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a984a77bcd5ed40a7bdba22b68f42e0762da6568e320106e884b86990c5179b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KfcyGn5i3zpBIpgFLSedQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://pontiarmada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KfcyGn5i3zpBIpgFLSedQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:29:41 GMT
expires: Sat, 17 Feb 2024 22:29:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 76B6 42 B
64 B 90ms
90ms Fetch
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCUmihXZrO9ivVq1wXyBN_kMgoP-xSPl5g-dMyLVeeXumVxoWNy3UbbLBuCa_CeR1Wn3TJB4M8RD4rAMOL3bkBjXBU0NBgnGJC95ovrj9bS_OVUVwEeLp84EcIZ2S9-W4nLhCHSk-v5DevIBcXmyOU2TTZjr21C95CyF2U_cen1XK4ZYNzSQ6obUAbZljvZTUt-_idrDFTJqH0aU98DPHuUwNkFYwP0Li2QPeIdV6ezT67h4fNUMl90zqIbFy-L01rjVLFsi5EGxICjfXA3JsmQTeJ_5P_bN-UJPd6FctpVhjvb9o24hUxDqQ0GOjeO7Qx_TJUM5rBoXOeBMp52AXlscelfOMm94-bxyuY4FOip669j1tbZWB-quU5aJe_E-zJeQXgRmJiGOt-yudZkFZ0mCUb2t2fOMQZrZ0HZkFLcqoO0YPHxrxdBNcUMtG_BTs5X5O_nzmaoaXN9UOQeV8z9DiEa7p_d3yPM_j9xCD2sFWQRsql2h9QCLj5Yvo_iAC7Tha6YLyTTWFbYAadq54jOen_x6d6zoqw0OG0vUjVXuoo3uvQvKWVnrr1ZuMXI4FPD-3b7742lwVSaVy0FPaGwRa72IQeWv7oCHmWeCYZnSLrJKtifxux5bAEgIGlqblh4i5HBN1kVBLuQhhCFr8u5OqXatpKFWV7_RR8RRGy3pmqXIk9uwuCB7RjpNLa9hX7HIRoGZhCCu1RGIeuFQu7_NXY6_M0MU-daiWz3MHIL-l3FRmxfXPKwWDWvvLpY34ax6WDz5-m_kOHtNxXWJj_YmBo4OBr4qxGZHeVhcT9DWJHcL9X85NG9St-TP9XisDXKMnK_751al7T646zsQW_UzL10P8ESuZlh82LwKz7eYdK3xctWCCr8Y_4iBlw-9D_BNP_2pvIr2Z7aYhGZBgtOtGnetaRb61YRlGkAU2VFMYrcWodszOeHwIbecDZ2_YrfGBNyYGvOTqLw1q0xu8LbvCExw0EasN3LKsS7gZLsT6c8zL4-mwQ-Tp0aeOMXWMM3QW-MC2yIat7jyDLnn82YcGRzqXb4MCFe0w_dZDVL3FXrnBqjAEzEd3Tnss-lBEkiXPWpAzEizVRSrc3W-U57IBlKcmrcrZJ-MCNq_GttpsQLqsA9oyqrnAhSNJnljdbbVByYdSSSENG20wpop_rAFzny4hbm0wyhc6baq2if5cCRyaj5oqcRUmQae6H5v35c5WR6QiVMy6nvxbOc92i0CYAjeK6g8L7feQACLhgJh0eV1aFKGE7qJM3QSaKeA2Kc20dToY&sai=AMfl-YTP3uuDvYtL-N5PGaW1peDNLKNexD4PdGuAiqtwhv2Ae1bFEjweyRWG7MF6o_xXVsoqN_HekLO_d9WTX4WZ9Jd5ESRHPAZRpBLs_DiyHIkXS8j2bYASpUPcBkAyiyM5-Beow1QaWUGT1ttopXQ6ZW7ewuAX4l65QrbpcF4&sig=Cg0ArKJSzGSP47dwLkraEAE&cid=CAQSTwAvHhf_0gr2JAE5SxwiuSi_qyC93hlBMPUn7Aua1m_uF5i6z6v0H7tuh2QcLVgbY47HzLIsmOfRHNu3mJ3cz7EUowsBVp7TstVgzTwm4A4YAQ&id=lidar2&mcvt=1000&p=0,0,280,710&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2194237227&rs=2&la=0&cr=0&vs=4&r=v&co=414178000&rst=1708208979807&rpt=888&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 divider.png
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 155 B
183 B 32ms
32ms Image
image/png 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/divider.png?1637007779119

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd166a1e61c70a62c7cf97fb71b74dca527d0a6b39d3cc5dd394337ad291785d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 05:01:17 GMT
date: Sat, 17 Feb 2024 05:01:17 GMT
x-content-type-options: nosniff
age: 62904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B9C 39 KB
15 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 12:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 123221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 12:16:00 GMT

GET
H3 200 finalTxt1.png
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 2 KB
2 KB 32ms
32ms Image
image/png 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/finalTxt1.png?1637007779119

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2ea81c5ca9098c7d65efad347ef7788a5eb475690e472fa7599d44e1beb5a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 05:01:17 GMT
date: Sat, 17 Feb 2024 05:01:17 GMT
x-content-type-options: nosniff
age: 62904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2421
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 3 KB
3 KB 32ms
32ms Image
image/png 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/logo.png?1637007779119

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22cf351ac0dec25c36223253eace82df7c342b2141c4c689498098c03e96a032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 05:01:17 GMT
date: Sat, 17 Feb 2024 05:01:17 GMT
x-content-type-options: nosniff
age: 62904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3127
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 jqueryadvertising. Show response
fundingchoicesmessages.google.com/f/AGSKWxUKER7ZpweXBmXEVp5PEmuKbbZ6gpeXM81izrFlMv7U6FKNI30Vun1PI7952Y24TP_tu4bfPRIhKFqsjCvpFGDIrHO13vE0WmOXEvC9u63t45A-_8g98GaAvwofmXIBd5kOce6INOcIhsgDgljZiMJwDCcEo... 54 B
110 B 54ms
54ms Script
application/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUKER7ZpweXBmXEVp5PEmuKbbZ6gpeXM81izrFlMv7U6FKNI30Vun1PI7952Y24TP_tu4bfPRIhKFqsjCvpFGDIrHO13vE0WmOXEvC9u63t45A-_8g98GaAvwofmXIBd5kOce6INOcIhsgDgljZiMJwDCcEowG4jqaNgZ1gjbNp8vGqsUNpaRzel4m4/_/advpreload./websie-ads3./headerads./ads/rawstory_/jqueryadvertising.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07ef5d3c9313b5c5899b44a35f27c193523d7451c58be570d9620e2e728138c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e1Qwz3m2zUChsT5edWoxQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-e1Qwz3m2zUChsT5edWoxQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KghxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejqvPjqxjE9gw6cU0ZgANa0m6"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 70ms
70ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa0b37e325339f4ab3b078a75490abc91586771f89c9af5c8b967cf9ca9740af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51406
x-xss-protection: 0
server: cafe
etag: 3758958431277101659
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 17 Feb 2024 22:29:41 GMT

POST
H3 204 AGSKWxVvHgejkxN0kJN71Swj_wdUOblay0D1mQsIMfvD9yBvx0ttHb5htmk356WFV7wj-XEJToV0cOycft8-YOKIb4PiXGkelqS_5r5P7Sn4EW3iANeyAZwG8xN58IHTXiSSYQ9A-R5ksw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 116ms
52ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVvHgejkxN0kJN71Swj_wdUOblay0D1mQsIMfvD9yBvx0ttHb5htmk356WFV7wj-XEJToV0cOycft8-YOKIb4PiXGkelqS_5r5P7Sn4EW3iANeyAZwG8xN58IHTXiSSYQ9A-R5ksw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c2r8V3RHzJHgYSi-JUywEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-c2r8V3RHzJHgYSi-JUywEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XBcfXZkHZvAi5fHtjEDAAV5GVk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://pontiarmada.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 txt.png
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 46 KB
46 KB 32ms
31ms Image
image/png 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/txt.png?1637007779119

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce7ac9c33b138fa9bdb7c1438ece0faed713ee720623c68afaff942c818fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 16:12:25 GMT
date: Sat, 17 Feb 2024 16:12:25 GMT
x-content-type-options: nosniff
age: 22636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46741
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D0BE 0
0 87ms
87ms Image
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=3004240130396446&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8B9C 0
11 B 32ms
31ms Image
text/plain 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eBwo1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxVvHgejkxN0kJN71Swj_wdUOblay0D1mQsIMfvD9yBvx0ttHb5htmk356WFV7wj-XEJToV0cOycft8-YOKIb4PiXGkelqS_5r5P7Sn4EW3iANeyAZwG8xN58IHTXiSSYQ9A-R5ksw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 55ms
51ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVvHgejkxN0kJN71Swj_wdUOblay0D1mQsIMfvD9yBvx0ttHb5htmk356WFV7wj-XEJToV0cOycft8-YOKIb4PiXGkelqS_5r5P7Sn4EW3iANeyAZwG8xN58IHTXiSSYQ9A-R5ksw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sNe_9e9p_-AUk5jHQ0mMQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-sNe_9e9p_-AUk5jHQ0mMQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XBcfXZkHZvAhhXXtzIDAAesGQE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://pontiarmada.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 txt1.png
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 4 KB
4 KB 32ms
31ms Image
image/png 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/txt1.png?1637007779119

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61f2f4fc9f7046591d464ba6672ab2f3af0aa8f3d001a033dcd39ac580f4f5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 05:01:17 GMT
date: Sat, 17 Feb 2024 05:01:17 GMT
x-content-type-options: nosniff
age: 62904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4182
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 AGSKWxVvHgejkxN0kJN71Swj_wdUOblay0D1mQsIMfvD9yBvx0ttHb5htmk356WFV7wj-XEJToV0cOycft8-YOKIb4PiXGkelqS_5r5P7Sn4EW3iANeyAZwG8xN58IHTXiSSYQ9A-R5ksw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 48ms
48ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVvHgejkxN0kJN71Swj_wdUOblay0D1mQsIMfvD9yBvx0ttHb5htmk356WFV7wj-XEJToV0cOycft8-YOKIb4PiXGkelqS_5r5P7Sn4EW3iANeyAZwG8xN58IHTXiSSYQ9A-R5ksw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VDN3nZnFdEOMSmJ1mGldoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-VDN3nZnFdEOMSmJ1mGldoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XBcfXZkHZvAhZZvB5gBB7MZJQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://pontiarmada.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVvHgejkxN0kJN71Swj_wdUOblay0D1mQsIMfvD9yBvx0ttHb5htmk356WFV7wj-XEJToV0cOycft8-YOKIb4PiXGkelqS_5r5P7Sn4EW3iANeyAZwG8xN58IHTXiSSYQ9A-R5ksw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 52ms
52ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVvHgejkxN0kJN71Swj_wdUOblay0D1mQsIMfvD9yBvx0ttHb5htmk356WFV7wj-XEJToV0cOycft8-YOKIb4PiXGkelqS_5r5P7Sn4EW3iANeyAZwG8xN58IHTXiSSYQ9A-R5ksw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EwRRvtsah1qbHS7VsJMhsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-EwRRvtsah1qbHS7VsJMhsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XBcfXZkHZtAw7uFB5kBAywY3A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://pontiarmada.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWYS2ZU5w-TqUA5OTf7K5rLrZPyTzTUrQDeAf2UATzbZN5EClcGR0DT77yYGiRrYfOyuE2m-E-DBnUU3zYcUeXYTiPOVe76XcmcPIye4xgWkyQzOL0q-MIcDJgpRHeT_avGLiZwuA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 66ms
65ms Script
application/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWYS2ZU5w-TqUA5OTf7K5rLrZPyTzTUrQDeAf2UATzbZN5EClcGR0DT77yYGiRrYfOyuE2m-E-DBnUU3zYcUeXYTiPOVe76XcmcPIye4xgWkyQzOL0q-MIcDJgpRHeT_avGLiZwuA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjA4OTgxLDkxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovL3BvbnRpYXJtYWRhLmNvbS8iLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5434c652713663fb47e6ebfdb0a78da78e92d0ba14fdc77dde9a6f1dc3184460

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KblZ7sg6XYrfbk0TsvT1Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:29:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-KblZ7sg6XYrfbk0TsvT1Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KIhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Oq8-OrGMTWDFt-glmAN22RIo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 txt2.png
s0.2mdn.net/sadbundle/18308565403228928397/ Frame FFC0 3 KB
3 KB 32ms
31ms Image
image/png 2607:f8b0:4004:c09::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18308565403228928397/txt2.png?1637007779119

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb5a47cc4eba0a6d85dee93aefaa35d5cb5ae9c34f561d88335a987047d3aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18308565403228928397/300x250_DisplayTraditionalADVRET_Mid_Elasticity_StockSlicesCompanyNamesV2_StandardBanner_Graphic_Animated.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 05:01:17 GMT
date: Sat, 17 Feb 2024 05:01:17 GMT
x-content-type-options: nosniff
age: 62904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2565
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:55:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B62D 42 B
64 B 90ms
89ms Fetch
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVJfC7cANtcxUR8MmFhCXmp8iDAEaaUfgPXXWdGT2-NJxi5sjJiaWwUs1VTsw88tJxOAs8oN0vYyLUd1MMoflMTg48glKbr5XMPL7i-UIfva0E3VeWiKgED21R6XKLnWA4eMHcT1VaetHmTHfuQEynvtGtxqPTDh4&sai=AMfl-YQwLlFldkRRbuTzqHWhgXDdAxfLSxSP1UtQOYj_zAju8qmqONfDOcox5OxVuqRjEh--tQYUCgZkVWKacw90L8Nt4N6BALxGbd4HJjlMhYpc0Cnpl01oh_C6vt4lzD7eTzwVwtwoXtHv98QJ1rpj&sig=Cg0ArKJSzH2AbyLkP6WBEAE&cid=CAQSTgAvHhf_61ZzMahsqTwtogS5mAhaUTn3bO3Kt_Hvf94LLidOBX8an3hWj04RKTjqO7_S6UQVi2op424i2u_9qZvmrXTtbreWK58zNP7gzRgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1139646415&rs=2&la=0&cr=0&vs=4&r=v&co=414178000&rst=1708208980240&rpt=691&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVVeXB7R-2CmxQynVRY95qksiJI4jmYBLFl6rpfMcINFiql-jtObr4H8rK-NtK9BlFQcQ1pSCt-duqYO3nie6thnr25HFExgi5IuMuaapGRUCcKhRY8UeudRNul9JEpk8RZmYj59Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 52ms
51ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVVeXB7R-2CmxQynVRY95qksiJI4jmYBLFl6rpfMcINFiql-jtObr4H8rK-NtK9BlFQcQ1pSCt-duqYO3nie6thnr25HFExgi5IuMuaapGRUCcKhRY8UeudRNul9JEpk8RZmYj59Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uvDAcd06gmdQ87Sn-Z09WA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:29:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-uvDAcd06gmdQ87Sn-Z09WA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXNce3ZkHZvAiptzBQDqJBg4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://pontiarmada.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVvHgejkxN0kJN71Swj_wdUOblay0D1mQsIMfvD9yBvx0ttHb5htmk356WFV7wj-XEJToV0cOycft8-YOKIb4PiXGkelqS_5r5P7Sn4EW3iANeyAZwG8xN58IHTXiSSYQ9A-R5ksw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 50ms
50ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVvHgejkxN0kJN71Swj_wdUOblay0D1mQsIMfvD9yBvx0ttHb5htmk356WFV7wj-XEJToV0cOycft8-YOKIb4PiXGkelqS_5r5P7Sn4EW3iANeyAZwG8xN58IHTXiSSYQ9A-R5ksw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4z9VOK4gw_xUgdMTrImJEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:29:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-4z9VOK4gw_xUgdMTrImJEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXNce3ZkHZvAju4r_ADshhg7"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://pontiarmada.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B6F2 42 B
64 B 92ms
91ms Fetch
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqFcsvj8cBmtOgKRVKjkymnoDDK_0I0ly6BRY-dk3-m_Jg9SrFv20x46W5zkNOHwiL7claM8rzj5RiqmsN-UlQUPM6hjovTllxD5af9QTleNkL8VlITGtgvr2uS0aYoLe0ZAUCs1PT_PLXKjqhgWa91GDiuQ0_9B5VEgy8xlmCC56EwF0GfzwsIHl2_XKXIcg1XHWyWd9d5rTlr2IzHWAL7f-DAQWfmQw8sHjvdd3sRW-GwheHUCdsrAfSMtFukAIan6BdjPAn65kfOlDH-CczVSG9ADjaRA95XaYNr8AGzI1fIxQDp-Na9P0X4Non8hpJH2sVm5R2CzUWFWd8tIUOllvzTNIj0g9FNdRJzVlf1RCiXqjlBDmLCOjWCqSO0c05gYrZdA0aHnOeP2OL-9LRjHCuxxMUyPgbHirhRadw6Fo-iCEtoCaHRwIPIGET7Z6yRDewE7C76tVuyLpcT3S-v3nSwZV_kowQ5-HAKbnom8YBnaMcyEUL0J8iic8VdJ4BQV7X18fAw5omvf4OtO9_YglSpViBm3BNJxa36fEYnHjTIX18ZjyuV3lmDpzUC3-OTONx-Qtnh9DxTPtJtBygK2n10n3spHzLzROxcqboYPgJkhT25CVJK0k-p8So96uLDWY2pNZuHCl-FN7WPGhVlI3NWh2BtwtT3PlD5YZZ-iRuf1ZxXtZ732TQZZNI6GY1C1PwhscWA9gzKm1DrKzdH16ivNDMOdLDSjgua_oaIVSGZoTyNW7cMTHNzNMXD8BwOrFxz4T-YHm32aggRwjcgmY4M_PdQCBokDkD1suOqBbypXnAReZqBzzNLgBAK0VDLtlSdVSPykhHtA2NQ_noVdWgJdbfoUS43j_xBVUqZW96-WD4zy4inGpoQ2L6hR56VnT5DlTE4GQLBRZo8ySiZQRCcfnNi1r-eGEO5hbsqCwIpriKqQhategB-2v_iptL1ccdwjQKlNQ-LORJdwsFgH8iLEKYIl49yG_11x-ChN3eMQPvY46ks3WMaCaLGamRyEygEeQCfm0HqJIxrAJta-IvfSfeB5_hOcuwoP9Bls-OWG7xdPw0G0Vwy4Afa1eN9JCXr79BAotdgBqGV_9-Q23Zvhbaxi8hwanjoK1wXtRw6zZK5jD3ymC7vYAo7R33upsprxkk_P1akZnIvbKeCynESGuEV4Sw_8WWV-JRbgwq90M_gg&sai=AMfl-YQg5aE0RdXDkLMGDXxpbP9LrA6KqjtTmuMcttC8ofVuatFoo-0cyqvGaTgXGbAzxCLNs86S789s7IpcvSXZmgrfqohEVUwfIx_tX1yzJsERIBcYGHAA7mQZ4t0tYzpgioom14Zs4YIlLGKeNm6ImS87BVdPeQYWphUW3h8&sig=Cg0ArKJSzKwaBhLszgV7EAE&cid=CAQSTwAvHhf_QLepJ8kdUucu-sRmI1NRgHq2WrArqxQotopyL6XxHAB3ItK1b4KHb_jKwSXz3oPY11n6M-wpXppVjcsFibz8pv188bjm8pqJDdgYAQ&id=lidar2&mcvt=1005&p=0,0,123.98565673828125,1005&mtos=0,743,1005,1043,1043&tos=0,743,262,38,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&co=414178000&rst=1708208980646&rpt=346&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=3004240130396446&bg=!2Nul25TNAAZN4L4YbeA7ADQBe5WfOGcV1BVO8AbrTz2zeSTbRzYgui7SvyS_u-f0t3zN8i7EMhI3aXf4PNXgtbF-IQMcAgAAAGVSAAAAAmgBB5kCz1T3U5u50zTbl8WOmVxv3QIpShj8n6yWKgA8txu9COg0ZnNmHAGKm4CbeA687oBoMZxOA35HWAVDkVxkzPWkay21coByQYRBr3wK1y70qcKhtKH3rM01rI2YLO5RjkEfe8wQL8yfzNJZLCIbzscHLRWxcBirI798wCpK0xtZqiQVutP6pyIwn53667oDlEQzpcD7pBNt2BIpQyab6bcaCw1jIFI1DSvnjRfy1cBPYD-nhRvI_uysuaEr-QQjixpGTRL5l24Kis4TfTjeFxCJ36jGUo5ulyNpEnaCxD3b3GlkGS4JeHz7R0sDBelC4Zm4-z9oXLOaGhX9e95dpLJ6im9iFWNGewuUjfVSjmf9Zgs8QDi489SU5mPD6VZaohdSTpFsh_A1zDUc8M0HIrjqJ69m01mS0nte_HCNrQh7mzy7n480I0e7nSQ5DeY782Wbtae8zTRwNcxfLu2L4L-iBuSVn-0bE9e3pzV0iDPCGcrPorT9aDzeWs561E4ndT3jV0QEoGVGNmGc9H0e6nan07D02GgYI5BPExTiWzur5EqR4az0fbkAwgl3JxmAFDMS1Rp5F7VuuwsitOttc4wnIRt7XFyL_tcqwxP7giGcYGBRzcgCXlCYBfsVgoHLD_3szDbeMMUpSkEd_jt8Ic41vxPEr9Cq7QDVTVo_FlvVb1PVVm0kkCOp1rOiEumRGDwuC8xjciMqXr-IK8zwX3DcSsXcf9fnTsUWhI7MmSfwCn8pQWAu5PgLiIlVHcxtMb88fo443yp3I9J719g6KOBjIZtipBzSaMHgqwDPhXjdFctDlrwcGPUGeN5cENlXd-QicleHAQu14x12H5tFk_qz_pXM3bf8CUmCB1dzpObZ_z7ICxk6eD6OUEDgP1mZ2r8uRG5x211vBD59_C4O2QA8nfi-I2iSRVoVhsIVwT-Uj1JHlPunrUB8DoapIMaVpHOq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B62D 0
20 B 94ms
93ms Ping
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=361472523860&version=m202401290101&ct=76&x=1&cor=15738414850204460000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame E7DE 0
308 B 103ms
45ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=4812b8634b0d431a99a49150d360a5d9&flavor=0&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_tskt=ctdetms%2C184%2C8%3Biabletms%2C194%2C3%3Biadletms%2C196%2C0%3Biadcetms%2C196%2C1%3Bialeetms%2C197%2C1%3Bicifdetms%2C198%2C0%3Btsetms%2C167%2C27%3Bipvietms%2C179%2C3%3Bprvietms%2C167%2C25%3Bfvietms%2C192%2C2%3Bpovietms%2C193%2C0%3Bimaetms%2C183%2C10%3Biesuimestms%2C167%2C16%3Bsrbf%2C0%2C1%3Bal65536%2C226%2C1%3Bal128%2C226%2C7%3Bal8%2C233%2C0%3Bal256%2C234%2C81%3Bal65536%2C1227%2C0%3Bal65536%2C2228%2C0&ee_dp_asmm=1&vdur=212&eoid=22&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=5440&sdf=67108868&vit=2&rmi=16&tltms=33&tetms=9&msltms=68&vltms=212&sei=289&vetms=60&tuviims=202&tuviems=474&engms=1&engisel=1&ee_dp_ddtes=1&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2397&ee_dp_gmrd=1&ismms=61&isumms=60&nvr=6&isgmmims=61&isgmv4mims=61&elmtp=1&isbxdms=2366&b0=100&b11=2492&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2592&sftb=2592&msrdp=3&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=990&isuiabvms=990&isgmpims=245&isgmv4dpims=990&ispmxpms=990&engalms=59&engscrlms=245&dvp_pageEng=true&dvp_dpr=1&vstsz=758&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3294
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5440.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Sat, 17 Feb 2024 22:29:44 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-02-16T22:29:44

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame B9D6 0
308 B 45ms
45ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=88d28fb5cc6a4df4b8b552b78cca12f0&flavor=0&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_btreg=575107441&ee_dp_btros_64=0&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_asmm=1&vdur=56&eoid=22&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=5440&sdf=67108868&vit=2&rmi=16&tltms=33&tetms=6&msltms=46&vltms=56&sei=290&vetms=91&tuviims=73&tuviems=220&engms=1&engisel=1&ee_dp_ddtes=1&dvp_dtcov=4&sim=3&ee_dp_rbgms=1&msrcanlm=392&msrcannum=3&ee_dp_tmads=2255&ismms=20&isumms=19&nvr=6&isgmmims=20&isgmv4mims=20&elmtp=1&isbxdms=2220&b0=100&b11=2226&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2326&sftb=2326&msrdp=2&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1020&isuiabvms=1020&isgmpims=143&isgmv4dpims=1020&ispmxpms=1020&engalms=19&engscrlms=143&dvp_pageEng=true&dvp_dpr=1&vstsz=773&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3154
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5440.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Sat, 17 Feb 2024 22:29:44 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-02-16T22:29:44

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
39ms Ping
text/plain 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HBKKV0FTSN&gtm=45je42e0v9109091153za200&_p=1708208979347&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=1522731977.1708208980&ul=en-us&sr=1600x1200&pscdl=noapi&_eu=AEII&sid=1708208979&sct=1&seg=0&dl=http%3A%2F%2Fpontiarmada.com%2F&dr=http%3A%2F%2Fredirect4.xyz%2F&dt=SPORT%20NEWS%20%E2%80%93%20pontiarmada.com&_s=3&tfd=7128
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBKKV0FTSN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://pontiarmada.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:29:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://pontiarmada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame E7DE 0
308 B 44ms
44ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=4812b8634b0d431a99a49150d360a5d9&flavor=0&gdpr=&gdpr_consent=&isbxdms=4965&b11=5094&iabv5=4965&lftb=5194&sftb=5194&eoid=23
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5440.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Sat, 17 Feb 2024 22:29:46 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-02-16T22:29:46

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame B9D6 0
308 B 44ms
44ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=88d28fb5cc6a4df4b8b552b78cca12f0&flavor=0&gdpr=&gdpr_consent=&isbxdms=5020&b11=5028&iabv5=5020&lftb=5128&sftb=5128&eoid=23
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5440.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Sat, 17 Feb 2024 22:29:46 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-02-16T22:29:46

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pontiarmada.com/	1970-01-21 04:06:08	Name: _ga Value: GA1.2.1522731977.1708208980
.pontiarmada.com/	1970-01-20 18:31:35	Name: _gid Value: GA1.2.1229688419.1708208980
.pontiarmada.com/	1970-01-20 18:30:09	Name: _gat_gtag_UA_107533837_1 Value: 1
.pontiarmada.com/	1970-01-21 03:51:44	Name: __gads Value: ID=358734329bd07303:T=1708208979:RT=1708208979:S=ALNI_MZxwUByA0cAlLPXYF6t3CNPtkkZTQ
.pontiarmada.com/	1970-01-21 03:51:44	Name: __gpi Value: UID=00000dcad3e8f163:T=1708208979:RT=1708208979:S=ALNI_MZTKBVD1fO9XSO_au0NiWzamDht7g
.pontiarmada.com/	1970-01-20 22:49:20	Name: __eoi Value: ID=2fc5ebfa13b8ad19:T=1708208979:RT=1708208979:S=AA-AfjbX3-WFT6hH4lY_vvuEQdTE
.doubleclick.net/	1970-01-21 04:06:08	Name: IDE Value: AHWqTUlt-z_Kh_I4FwVlRcz2ejxeYOivLe-SGaNrHjaRQUJ6DcHEaPTtdj3kyRBc
.doubleclick.net/	1970-01-20 18:30:09	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-21 03:15:44	Name: CMID Value: ZdEzVEt3ubsAAGHHAA8FcAAA
.casalemedia.com/	1970-01-20 20:39:44	Name: CMPS Value: 1255
.casalemedia.com/	1970-01-20 20:39:44	Name: CMPRO Value: 1255
.adnxs.com/	1970-01-20 20:39:44	Name: XANDR_PANID Value: Go-ic1IU23lCGBn0dlEebNVNpqG9LS_9xxTYYqIHxhB8pKY52i4j2BbueJxEq8g08d_2BxJSNgCCRnucY-OcwANBG1VDJowY2xkRTh2puy0.
.adnxs.com/	1970-01-21 04:06:08	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:39:44	Name: uuid2 Value: 6204991089578632453
.doubleclick.net/	1970-01-20 22:49:20	Name: APC Value: AfxxVi72lym_JU887mG6KS0-DTziOxLJFLVwoQ7P3EsZW9I1UPxlvw
.doubleclick.net/	1970-01-20 22:49:20	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:39:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVIH!/J!@wnfH8K6pQK`!5=E<L5?%M[802)ki#Lm7]5i54xxH$ka.d'C2[q6/S@z0bpRzqF1`b_KR*-np`
.pontiarmada.com/	1970-01-21 04:06:08	Name: _ga_HBKKV0FTSN Value: GS1.1.1708208979.1.0.1708208981.0.0.0
.googleadservices.com/	1970-01-20 20:39:44	Name: ar_debug Value: 1
.scorecardresearch.com/	1970-01-21 04:06:08	Name: UID Value: 1A6749292c99808f68775481708208981
.schwab.com/	1970-01-21 04:06:08	Name: _rtagid Value: 65d133556864301753dbff52
.pontiarmada.com/	1970-01-21 03:15:44	Name: FCNEC Value: %5B%5B%22AKsRol9EVXVQF7_Oy6CERFlUaUIOhGnmxl67DHISEjBBO8xaWwZFFBB6Xjb3Ckq-ipsQ7JJxQX1WMk1w70LOGAQMhvj7yvS8KMD_g8ULvO3dpkUg3N_9xUmsX2AKA1q-If_BAL4HrXVZDuaIDQ773efv36SuCibXxg%3D%3D%22%5D%5D

62 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://pontiarmada.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bid.g.doubleclick.net
cdn.doubleverify.com
cm.g.doubleclick.net
code.createjs.com
count.schwab.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
lazarus.co.zw
pagead2.googlesyndication.com
pontiarmada.com
redirect4.xyz
rtb0.doubleverify.com
s0.2mdn.net
sb.scorecardresearch.com
tag.researchnow.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.18.36.155
142.251.167.149
162.215.118.10
172.253.115.156
172.253.122.156
23.48.104.104
2600:1402:8800::1728:cd8a
2600:1408:5400:23::b819:7f4b
2607:f8b0:4004:c06::71
2607:f8b0:4004:c06::84
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c07::9b
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c09::95
2607:f8b0:4004:c0b::69
2607:f8b0:4004:c17::61
2607:f8b0:4004:c1d::5e
3.161.213.115
3.162.3.20
34.117.228.201
41.221.145.2
66.84.29.14
68.67.160.117
0137c21026bfb70d6c38ea2c4bfe12b1ce6d9e9765f061a87afa10e89100e41d
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
07ef5d3c9313b5c5899b44a35f27c193523d7451c58be570d9620e2e728138c0
08fc618c45475a736f3f14120d652048fd12c66fa248f988359349468f1b2c3a
099e06383efbcad24950563fc729d3d5220e731d2ba569c3704b9573b9aa27b0
0aa7681ff91a1b1ca1dbae823869bb2db6251ecb3638bc09aed0132d1c6301b8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e3284cda32f135362b3d12233517d26f8fc98a0ecd1b70750033516a9098add
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
10a5e7480e1f507dd16b5eac219395102aa0ed03745de91bd9c1913644f7418e
12a5f48166695a310280b55869487f2f3208ee30661879bcf0ec7c13d022c5e7
13eb7692c61b6b00555bf65ad4ec452441910715d6e2c81b1e99d6d008b38b90
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
1754dca87a216948961f8a782ff8508d3d5b1f27ec52b293ebbed9e353bf7e7f
1fb5a47cc4eba0a6d85dee93aefaa35d5cb5ae9c34f561d88335a987047d3aa8
22cf351ac0dec25c36223253eace82df7c342b2141c4c689498098c03e96a032
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
25040f0dc1415698c9b0e97ecc4a69f3810d1cc03115e968c385b8853b1566ac
272ed21c82e5d27117668349a64eb3e9b84dafa41a10a5f1350fd83097795442
27aa16d30fba03663851d0e3ae817ddea9fbb8ff37bb91e60015e7f27e1f6d18
27bcaf5156b678a1a4d243b255561fb5d3e5191fb08d4e27e01b0e7960f8ea09
286d93e1d3abaf986eb3246df05ceaeb3b157831a13fa17d5349ec56c4ba38f1
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2f77807e92c449bfa6c398ee90d6d185ce96a69f8b8bf35cafadc37c2483d532
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8
334cec9d9427ede95ef44ffc79c16746486b709c16836bde8227dc9935e42af1
3715577017a81981822750d6021cefbf2cf852f29bdb0b054d6496661c6048a5
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
396400a41b96c582794a8ca60ad2a7269537dd8a84e84d979abbc4350dcf4744
399db455d154502a629bc10f29a2f8d218fbaaa413386a12a6fdfeed79a073ab
3a7cfd4459b52bd969e18b34a7f9e57f9d0d3f6c44388ea5a41bba4eb6bb2323
3ca3e467b7d4d6b403aa4619019d9250b11449c8ee9c91c90bcbc9acdd64fea2
406f3c16fae88e2e1f681820091b978d2db783a8ac4736a4e85a47fe29fb908a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41de9d2ca203452dffd65d9c1799050755d1d160afa8030e62022a664db58b52
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dce7ac9c33b138fa9bdb7c1438ece0faed713ee720623c68afaff942c818fdf
5041fcff2a585dd4bce6452563f58cef537ce6ba245dd20d77eac9eaf6d0e2db
529dc12b5cbfeb4a5c2e170dd649e6b148753385005680771cab4319444f81c4
5434c652713663fb47e6ebfdb0a78da78e92d0ba14fdc77dde9a6f1dc3184460
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b47dac0ec2b10c8f65753985cf0028b0751965fd7c8563df32786d2fc7273e
5975ee4a7fd7e109e97190f0d0938e381dbdc5c7da79cb94f9f467eefb3baa0a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f2f4fc9f7046591d464ba6672ab2f3af0aa8f3d001a033dcd39ac580f4f5c7
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
64a971e7cb92f4f5884415b305a42038b0500a8347e855626c3c5cc15de4982e
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f563de98820a07815cb5e9167a44b6cf6c09ad36cf6fc428a22a178dc9af671
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
796404fb174b62713f8d6c6718ff93eb38f8456703e3bb97032fdcc0ae4549f4
7a63005fe820559e09ba5303a236ceaceb20700f320122350ed183f66889116a
816b3c9801b0d5eb142d952eb6c2285bfc8e32f28385fc28695240c93586a59a
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
8c3a22ef087bea764ee94e11fcc569ea18a0694b885ea64b0952b51553469e2f
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
9412328c893fb4c6709628ccd2abe0fb40ac5479f67a4fc9811f9626971ab543
9469b9c9091afa28a875226a4cf99b386ee87566643a08210382d9575b767f96
9688d9f446a6f3e1b74b5ff9bc2df6b382f7f465c754cdb6f63bbbf0b53a2eb8
98ec431db7cffaac335d1a99daf0dcd79b8df1729e7f08949df2c268d181a344
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5b1ffe17c640ebec05a2c1913d898a0f1d9fb65c2ba415bf5fdaa6b573a39cf
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a7a28050d822e5312cb013908461024b7f82e440b0d65aa68dcbdc79c96a8139
a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a
a984a77bcd5ed40a7bdba22b68f42e0762da6568e320106e884b86990c5179b2
aa0b37e325339f4ab3b078a75490abc91586771f89c9af5c8b967cf9ca9740af
aa2f4dcb6e9be1273996caee407469425d2b7aac3e896224116862ebff74f53e
ae680a317a550a5c897714e2f379dc493a83ae2da421c1ad73a17198e074c0e3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2fd72473375a655ac9af0f502efc5727cb8791343d28a797a63821688809227
b61a0b37ab34701b86fe1eba7b582ce66cc9708cdb2e36af7fb561e8779f2439
bee6e3255f5306c3fa19402509ced2ddaf7e6e05c2b39ca2dc5c9c2874b94107
c2ea81c5ca9098c7d65efad347ef7788a5eb475690e472fa7599d44e1beb5a59
c8257285ff028dbe7e88750e3b5cb973c95f16aa81b6b5d8cc050cdf5f702ec8
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117
d72cc43cd292571dac7823e1a28a82927b237c9637f7b81fcd4b1f248092fdc0
d73f5e98f9eb64253d822be922621d2e92247aa8053c8029b98ea3c7fab0af70
d86d3fe8311972f672b247e3659d14fc9a197d23978023b275ff29b16511e248
d87b96745b0de748f3da3da6ac679a71b50705f3f9dc67fe5f86d613f1e9ef1c
da987579de9da8415a181018975e5dd61496f7f6f1a7e93a55e85ea6c5e7ddd4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de761c17eac4e98f0e21f49fa3929adcf3ff8c25aa5d78ea67ac88085fbf3f8d
deb36e1415642450583c55b48127df16c5faf6cdb7b13a85da498aebdc3bf6b2
df6f6f41a8892552126baeaf26b3abf4c990bbf5b6489232db12d36c6f9b2a21
e06a4d6ea8336635f0b20f6ea7cbc13263eb5bfca382c4f156c7a76f0732743f
e156d1bc25e96d0b8e2b50f10b0993887b728288470c8ab178a4049e4fb2e818
e2b2af567f6046978c1d90d551a3ae096504538d67126b788a33e53420f6f660
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5136dc38ef1acef9d4d52b173a0c69fc2a8ab32e7625e86b44487f382793e80
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d
e9b3746296d37ecd3dbbc7a512326695cbc299195129a99e0c02c64f5b067f5f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ee14bc6bda17c948c3136c5b039935dcaeb836df8703fa45778f26100ec51047
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04858f6b85b6bc28eb4c790e576ecbf47687cb839e746b5656b2cf2ed3a6a4d
f354ac0964036e2655926b00b97dd3aa88ebf594031d0b094ba09e9c9d4e366c
fc30be203f97cbf9c49b7db6f66b22a8558d2c6c956ecff7db21140a374cdd78
fd166a1e61c70a62c7cf97fb71b74dca527d0a6b39d3cc5dd394337ad291785d
fd5ae3694c353d3dd26647d028906e092266f006d5fc58b6c73996759b07c8bb

pontiarmada.com Open in urlscan Pro 66.84.29.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

82 %HTTPS

52 %IPv6

19 Domains

28 Subdomains

26 IPs

3 Countries

2614 kBTransfer

6480 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pontiarmada.com Open in urlscan Pro
66.84.29.14 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

82 %
HTTPS

52 %
IPv6

19
Domains

28
Subdomains

26
IPs

3
Countries

2614 kB
Transfer

6480 kB
Size

22
Cookies

179 HTTP transactions
5 data transactions