jita.fun Open in urlscan Pro
104.149.199.150 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jita.fun/18770.html
Submission: On May 18 via api (May 18th 2023, 7:06:56 pm UTC) from US — Scanned from DE

Summary HTTP 149 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 25 domains to perform 149 HTTP transactions. The main IP is 104.149.199.150, located in Los Angeles, United States and belongs to AS40676, US. The main domain is jita.fun.
TLS certificate: Issued by R3 on March 10th 2023. Valid for: 3 months.

This is the only time jita.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	104.149.199.150 104.149.199.150	40676 (AS40676) (AS40676)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	103.143.19.103 103.143.19.103	134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network)
1	23.32.185.123 23.32.185.123	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	23.201.243.171 23.201.243.171	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2408:8779:c00... 2408:8779:c001:3:70::17	140707 (UNICOM-NX...) (UNICOM-NXZW-IDC UNICOM Ningxia province network)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 7	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.246.231 18.194.246.231	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	43.152.28.37 43.152.28.37	() ()
1	2.16.241.10 2.16.241.10	() ()
1	240e:e9:6003:... 240e:e9:6003:211::113	() ()
149	33

29 104.149.199.150 (Los Angeles, United States)

ASN40676 (AS40676, US)
PTR: unassigned.psychz.net

jita.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.201.243.171 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-243-171.deploy.static.akamaitechnologies.com

v.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2408:8779:c001:3:70::17 (China)

ASN140707 (UNICOM-NXZW-IDC UNICOM Ningxia province network, CN)

vm.gtimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.246.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-246-231.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.28.37 (None, )

ASN- ()

beacon.cdn.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.241.10 (None, )

ASN- ()

puui.qpic.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:e9:6003:211::113 (None, )

ASN- ()

h.trace.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	531 KB
29	jita.fun jita.fun	886 KB
20	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 static.doubleclick.net — Cisco Umbrella Rank: 245 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	123 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	256 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	955 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	16 KB
6	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 209 fonts.googleapis.com — Cisco Umbrella Rank: 35	33 KB
6	qq.com v.qq.com — Cisco Umbrella Rank: 10879 beacon.cdn.qq.com h.trace.qq.com otheve.beacon.qq.com Failed	21 KB
6	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1690 m.addthis.com — Cisco Umbrella Rank: 1634	219 KB
3	gtimg.cn vm.gtimg.cn — Cisco Umbrella Rank: 73507	228 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1255	462 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 682	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	106 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9037	697 B
2	51.la js.users.51.la — Cisco Umbrella Rank: 67310 ia.51.la — Cisco Umbrella Rank: 66627	3 KB
1	qpic.cn puui.qpic.cn	67 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 315	460 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 722	718 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	598 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 101	74 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 476	1 KB
149	25

	Domain	Requested by
29	jita.fun	jita.fun
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	jita.fun pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net
9	www.youtube.com	jita.fun www.youtube.com
7	cm.g.doubleclick.net	1 redirects jita.fun googleads.g.doubleclick.net
5	s7.addthis.com	jita.fun s7.addthis.com
4	www.gstatic.com	www.youtube.com www.gstatic.com googleads.g.doubleclick.net
4	www.google.com	1 redirects www.youtube.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
4	v.qq.com	jita.fun v.qq.com vm.gtimg.cn
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	vm.gtimg.cn	v.qq.com vm.gtimg.cn
2	sync.teads.tv	1 redirects jita.fun
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	x.bidswitch.net	2 redirects
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	h.trace.qq.com	v.qq.com
1	puui.qpic.cn	v.qq.com
1	beacon.cdn.qq.com	vm.gtimg.cn
1	pixel.rubiconproject.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	m.addthis.com	s7.addthis.com
1	ia.51.la	jita.fun
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	z.moatads.com	s7.addthis.com
1	js.users.51.la	jita.fun
0	otheve.beacon.qq.com Failed	beacon.cdn.qq.com
149	40

This site contains links to these domains. Also see Links.

Domain
gangqin.fun
luntan.cool
www.lrctw.com
wapqq.com
www.youtube.com
www.pettw.com
shici.ltd
www.shici.ltd
fanyi.cool
gudongtw.com
paocha.fun
www.51.la
zibll.com
wpa.qq.com
www.addthis.com

Subject Issuer	Validity	Valid
jita.fun R3	`2023-03-10` - `2023-06-08`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-14` - `2024-05-15`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
file.mc.qq.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-17` - `2024-02-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.qpic.cn GlobalSign Organization Validation CA - SHA256 - G3	`2023-02-21` - `2024-03-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.cdn.qq.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-06-14` - `2023-07-16`	a year	crt.sh
toma.qq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-07-20`	a year	crt.sh
feb10-2023-2.ias.qq.com DigiCert Secure Site CN CA G3	`2023-02-09` - `2024-02-08`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://jita.fun/18770.html
Frame ID: C984E87D6B080A428517D4C576D7F72D
Requests: 50 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6ryw365HpTA
Frame ID: C58360512E82CA345368D7A18E46333A
Requests: 21 HTTP requests in this frame

Frame: https://v.qq.com/txp/iframe/player.html?vid=k0941fyavug&autoplay=false
Frame ID: D4E240B9A431E4BBEAB5D9A2E0BE8C2E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: 90C03159B2D01B9FF6926D69706870CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&adk=1812271804&adf=3025194257&lmt=1684436809&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fjita.fun%2F18770.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808934&bpp=6&bdt=1087&idt=582&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8767378039312&frm=20&pv=2&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=623
Frame ID: F4E94C5F9715CF7D4325DB29CFE0EB0C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=280&slotname=1863033433&adk=2043962088&adf=2266841347&pi=t.ma~as.1863033433&w=1200&fwrn=4&fwrnh=100&lmt=1684436809&rafmt=1&format=1200x280&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808940&bpp=2&bdt=1093&idt=707&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=n1LjeLU1uI&p=https%3A//jita.fun&dtd=717
Frame ID: 0402B9A120DCCC7FB62E6C7D7ED13D48
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=280&slotname=8549019498&adk=1795206994&adf=2572311781&pi=t.ma~as.8549019498&w=984&fwrn=4&fwrnh=100&lmt=1684436809&rafmt=1&format=984x280&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808942&bpp=1&bdt=1095&idt=727&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=145&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=V4xwkzeU8V&p=https%3A//jita.fun&dtd=731
Frame ID: C4E9239E040020FA7D721547D7B21A72
Requests: 15 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 91BA5CFEFA2C46268FFB1868E59B3108
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0AB431F2523C5D71890295A74C957F6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=600&adk=2366565510&adf=3672938918&pi=t.aa~a.1110341720~rp.3&daaos=1684414893197&w=295&fwrn=4&fwrnh=100&lmt=1684436810&rafmt=1&to=qs&pwprc=8780522838&format=295x600&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436810171&bpp=1&bdt=2324&idt=1&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28809603540a9a57-221e3243dddd00cd%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_MZ7wtOgAsPSL7mJlMdvm8wXgll00A&gpic=UID%3D00000c1756b224a7%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_Mb5-973Qega76kS3buUaP3gMRwIgA&prev_fmts=0x0%2C1200x280%2C984x280&nras=2&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1182&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qktviNjjst&p=https%3A//jita.fun&dtd=22
Frame ID: 273264C5724D672763120E01D5650DA4
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: DD85B2C1F22E2E822CF66614191B06DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: 28519811F9AD32EA55A895259DE493DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 780E282162B45D1A90A7EB328918BB13
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 42BE22D501002746B692C0B5977A40DD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: C093E52607D9C85455361A7E4EE9D80A
Requests: 1 HTTP requests in this frame

Frame: https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Frame ID: 2326AAEF82DA7FC8D38B992BD8CC0272
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 828DAD2AA5F9F2DC7CB83AD50E89EB5F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D9D71A60A2C514DA2F405695F43A463D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

落日飛車《落日飛車我是一隻魚》吉他譜（共4張圖片）-吉他譜FacebookLINEPinterestWeChatTwitterWhatsAppEmailAddThisFacebookLINEPinterestWeChatTwitterWhatsAppEmailAddThis

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

149
Requests

89 %
HTTPS

59 %
IPv6

25
Domains

40
Subdomains

33
IPs

5
Countries

3526 kB
Transfer

8728 kB
Size

23
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://gangqin.fun/
Title: 鋼琴譜

Search URL Search Domain Scan URL

URL: https://luntan.cool/forum-2-1.html
Title: 吉他論壇

Search URL Search Domain Scan URL

URL: https://www.lrctw.com/
Title: 歌詞網

Search URL Search Domain Scan URL

URL: https://wapqq.com/tags-of-tea
Title: 茶葉大全

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCUwvGOgBmtq26pUW8GwB0_A/videos
Title: 粵語歌曲諧音教學

Search URL Search Domain Scan URL

URL: https://www.pettw.com/
Title: 寵物

Search URL Search Domain Scan URL

URL: https://shici.ltd/
Title: 書法

Search URL Search Domain Scan URL

URL: https://www.shici.ltd/gubi
Title: 古幣

Search URL Search Domain Scan URL

URL: https://fanyi.cool/
Title: 古文

Search URL Search Domain Scan URL

URL: https://gudongtw.com/
Title: 古董

Search URL Search Domain Scan URL

URL: https://paocha.fun/
Title: 泡茶

Search URL Search Domain Scan URL

URL: https://www.51.la/?comId=21283137
Title: 网站统计

Search URL Search Domain Scan URL

URL: https://zibll.com/
Title: 本站主题由Zibll主题强力驱动

Search URL Search Domain Scan URL

URL: http://wpa.qq.com/msgrd?v=3&uin=770349780&site=qq&menu=yes
Title: 联系作者

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 123

https://um.simpli.fi/gp_match?google_gid=CAESEOAG_-BI52Ww_gjnMwPUyMw&google_cver=1&google_push=ATf1kGO2bYqZ6QeG8mnOY-B15h-DMWQr5VMqwVeNZFaOQk4F72C93JAtiL6nysBGI1p0DatNQGUeMhnLHG18s-Zvl6HJELdWhXUxkcsE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D9A41ABBDBD54F4D86BEB7FB96A2A16F&google_push=ATf1kGO2bYqZ6QeG8mnOY-B15h-DMWQr5VMqwVeNZFaOQk4F72C93JAtiL6nysBGI1p0DatNQGUeMhnLHG18s-Zvl6HJELdWhXUxkcsE

Request Chain 125

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGio1tCcFBH41WqFqL-Txy4&google_cver=1&google_push=ATf1kGP1DV5BzwyQC7EGXK86w5NOyfRTibJFotxrIIbDNROMC_Gqa-4UHY05H352_8qLOljhhStm-Lua6CxtlKo609VybKOb6wgrBq4 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGio1tCcFBH41WqFqL-Txy4&google_cver=1&google_push=ATf1kGP1DV5BzwyQC7EGXK86w5NOyfRTibJFotxrIIbDNROMC_Gqa-4UHY05H352_8qLOljhhStm-Lua6CxtlKo609VybKOb6wgrBq4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP1DV5BzwyQC7EGXK86w5NOyfRTibJFotxrIIbDNROMC_Gqa-4UHY05H352_8qLOljhhStm-Lua6CxtlKo609VybKOb6wgrBq4&google_hm=XV8I62PlRg6POdF1kZNU2w==

Request Chain 126

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOU-eP04fMjPfRxQvpALgk0&google_cver=1&google_push=ATf1kGPbCNUjGlWHhsh3dp85hwVtb0ux58qgZtpp5JBB2OpUCMgfOd7NpcdjpLxLkVVuj3Xdk7ddTllpxus9Y1VgZ1rEyqiAdanhE3Oz HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOU-eP04fMjPfRxQvpALgk0&google_cver=1&google_push=ATf1kGPbCNUjGlWHhsh3dp85hwVtb0ux58qgZtpp5JBB2OpUCMgfOd7NpcdjpLxLkVVuj3Xdk7ddTllpxus9Y1VgZ1rEyqiAdanhE3Oz&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XwnWjbqqRGW7XRJwCF245Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPbCNUjGlWHhsh3dp85hwVtb0ux58qgZtpp5JBB2OpUCMgfOd7NpcdjpLxLkVVuj3Xdk7ddTllpxus9Y1VgZ1rEyqiAdanhE3Oz

Request Chain 127

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJsmsg53r2WiCmEdKp_VVLc&google_cver=1&google_push=ATf1kGPv1PcVyAUSU0tNJVhy3D0VKFNHz9Q6OjY-IIVzSeKJrqOWUwrr5p3BwzAzcmAchCEndzJJdETH2oIkAxh2UWk6kpT5W9tCt5M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhUSTZQUUMtVy0zSkRE&google_push=ATf1kGPv1PcVyAUSU0tNJVhy3D0VKFNHz9Q6OjY-IIVzSeKJrqOWUwrr5p3BwzAzcmAchCEndzJJdETH2oIkAxh2UWk6kpT5W9tCt5M

Request Chain 128

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENTUanZ18WvXxGpDT_4utfk&google_cver=1&google_push=ATf1kGPtNzOOKki_r5Cl0IYznywy3pVeTHcZPROdpxbTwNN_YtZTgcYUCxrt7Dc7b-c9BZj48YjV_bNe2Go_WbxmxAyfH2gK_6UP5Sly HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENTUanZ18WvXxGpDT_4utfk&google_push=ATf1kGPtNzOOKki_r5Cl0IYznywy3pVeTHcZPROdpxbTwNN_YtZTgcYUCxrt7Dc7b-c9BZj48YjV_bNe2Go_WbxmxAyfH2gK_6UP5Sly&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENTUanZ18WvXxGpDT_4utfk&google_hm=ZGZ3SxUNNsX4oXTKw2xsJgAABI4AAAAB&google_nid=index&google_push=ATf1kGPtNzOOKki_r5Cl0IYznywy3pVeTHcZPROdpxbTwNN_YtZTgcYUCxrt7Dc7b-c9BZj48YjV_bNe2Go_WbxmxAyfH2gK_6UP5Sly

Request Chain 129

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFC0B05hOuJaBowEpvOoxE8&google_cver=1&google_push=ATf1kGPwBnDEQMV0ZEyq_CYV924hM8w8J-xLGx80E184171Sx5rtoPUa2-NxI7ngWgacm6q832FHnY-7BuKmXxUqDE_9nWq_nJHXhySIvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPwBnDEQMV0ZEyq_CYV924hM8w8J-xLGx80E184171Sx5rtoPUa2-NxI7ngWgacm6q832FHnY-7BuKmXxUqDE_9nWq_nJHXhySIvA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

149 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 18770.html Show response
jita.fun/ 61 KB
14 KB 2138ms
1338ms Document
text/html 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

2b28e34d1a077fd6974e5291a14661a4fa3a4ee139121ffca55b81f8e68fb3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 18 May 2023 19:06:47 GMT
link: <https://jita.fun/wp-json/>; rel="https://api.w.org/" <https://jita.fun/wp-json/wp/v2/posts/18770>; rel="alternate"; type="application/json" <https://jita.fun/?p=18770>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-pingback: https://jita.fun/xmlrpc.php

GET
H2 200 style.min.css
jita.fun/wp-includes/css/dist/block-library/ 53 KB
9 KB 148ms
147ms Stylesheet
text/css 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-includes/css/dist/block-library/style.min.css?ver=5.5.7

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:47 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Aug 2020 18:00:38 GMT
server: nginx
etag: W/"5f47f4c6-d293"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:47 GMT

GET
H2 200 bootstrap.min.css
jita.fun/wp-content/themes/z403/css/ 98 KB
20 KB 294ms
292ms Stylesheet
text/css 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/css/bootstrap.min.css?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

009f296a48b6d964926b0a91818de7327f057084f9d70f148b5d73e75d2b4c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:47 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 06 Oct 2020 11:11:16 GMT
server: nginx
etag: W/"5f7c50d4-18780"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:47 GMT

GET
H2 200 font-awesome.min.css
jita.fun/wp-content/themes/z403/css/ 30 KB
8 KB 294ms
293ms Stylesheet
text/css 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/css/font-awesome.min.css?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

a0cc4c375abef624785e18452bc1d894418ad3bf04d8d4e0770720b08e43f5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:47 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 19:54:44 GMT
server: nginx
etag: W/"5e372904-78d8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:47 GMT

GET
H2 200 main.css
jita.fun/wp-content/themes/z403/css/ 90 KB
22 KB 295ms
294ms Stylesheet
text/css 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/css/main.css?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

0e97e93ffbad3875b9daadc51b683d156a4bbc4ef9f67c723e0f44d7310207b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:47 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 17:11:00 GMT
server: nginx
etag: W/"5f760da4-1690c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:47 GMT

GET
H2 200 addthis_wordpress_public.min.css
jita.fun/wp-content/plugins/addthis/frontend/build/ 587 B
792 B 296ms
295ms Stylesheet
text/css 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.5.7

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:47 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 20 Oct 2020 03:33:24 GMT
server: nginx
etag: "5f8e5a84-24b"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 587
expires: Fri, 19 May 2023 07:06:47 GMT

GET
H2 200 jquery.min.js Show response
jita.fun/wp-content/themes/z403/js/libs/ 90 KB
36 KB 296ms
295ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/libs/jquery.min.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

5b430be7474d67af29a2b036fe83c807d997737dce3c116eb2f76323b7f1794f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:47 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 19:54:44 GMT
server: nginx
etag: W/"5e372904-169b4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:47 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 871ms
25ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.7

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 18 May 2023 19:06:48 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116356

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 139ms
101ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df11387e0ac6fb4cfd8f641ae448fd091209a7bdd70a783e581d6478894810f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47503
x-xss-protection: 0
server: cafe
etag: 13218673169219009497
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 May 2023 19:06:48 GMT

GET
H2 200 logo.png
jita.fun/wp-content/themes/z403/img/ 6 KB
7 KB 150ms
149ms Image
image/png 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jita.fun/wp-content/themes/z403/img/logo.png

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

43d99b78f3bf4417e436a6b9c2e09756858c1f39455a2735c2392f1f25438ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 12 Feb 2021 06:20:52 GMT
server: nginx
etag: "60261e44-1972"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6514
expires: Sat, 17 Jun 2023 19:06:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 100ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4008690824127071

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c165a38c11154f05817d0a00c426210954c11b97674bd3057815b13421e087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jita.fun/
Origin: https://jita.fun
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47481
x-xss-protection: 0
server: cafe
etag: 11828895700733187194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 May 2023 19:06:48 GMT

GET
H2 200 avatar-default.png
jita.fun/wp-content/themes/z403/img/ 2 KB
2 KB 151ms
149ms Image
image/png 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jita.fun/wp-content/themes/z403/img/avatar-default.png

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

d33faec85605392d3a462c18a49f06e001d2f5b2232981aff9e2a0e69e9ea0e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Feb 2020 10:49:28 GMT
server: nginx
etag: "5e53aa38-61b"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1563
expires: Sat, 17 Jun 2023 19:06:48 GMT

GET
H2 200 www.jita.fun_15208_1-200401yc3hvi4dz1n.webp
jita.fun/imgs/jitapu_02/ 26 KB
26 KB 151ms
149ms Image
image/webp 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jita.fun/imgs/jitapu_02/www.jita.fun_15208_1-200401yc3hvi4dz1n.webp

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

29814d5c69af77f80a47ef14d9a05f25d50e63baf4c1e5d63833a23fcd636d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Feb 2021 01:39:06 GMT
server: nginx
etag: "60248aba-6830"
content-type: image/webp
accept-ranges: bytes
content-length: 26672

GET
H2 200 www.jita.fun_15208_1-200401kc13pmhl125.webp
jita.fun/imgs/jitapu_02/ 155 KB
155 KB 294ms
293ms Image
image/webp 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jita.fun/imgs/jitapu_02/www.jita.fun_15208_1-200401kc13pmhl125.webp

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

9f8cb8f6f8282e07c598adfd8e128f381dfa7b596354a6098cf7e759a9d48848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 10 Feb 2021 16:34:13 GMT
server: nginx
etag: "60240b05-26b3e"
content-type: image/webp
accept-ranges: bytes
content-length: 158526

GET
H2 200 www.jita.fun_15208_1-200401i4fr30haozz.webp
jita.fun/imgs/jitapu_02/ 237 KB
238 KB 444ms
442ms Image
image/webp 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jita.fun/imgs/jitapu_02/www.jita.fun_15208_1-200401i4fr30haozz.webp

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

956f251a2eb1314a8f7f3ed140c4e9f5e7f3eb8f27602cafcd5dd79f7cf8a1aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 10 Feb 2021 15:54:12 GMT
server: nginx
etag: "602401a4-3b5fc"
content-type: image/webp
accept-ranges: bytes
content-length: 243196

GET
H2 200 www.jita.fun_15208_1-200401rodvcrbzf15.webp
jita.fun/imgs/jitapu_02/ 142 KB
143 KB 444ms
443ms Image
image/webp 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jita.fun/imgs/jitapu_02/www.jita.fun_15208_1-200401rodvcrbzf15.webp

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

18d9e5f4b5b216855d3a01e8b0d2cb7c0381b910898b3e7c585ae50b1168c08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 10 Feb 2021 16:37:11 GMT
server: nginx
etag: "60240bb7-239b0"
content-type: image/webp
accept-ranges: bytes
content-length: 145840

GET
H2 200 thumbnail-sm.svg
jita.fun/wp-content/themes/z403/img/ 1002 B
1 KB 446ms
444ms Image
image/svg+xml 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jita.fun/wp-content/themes/z403/img/thumbnail-sm.svg

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

d5fd8af6eb018c09e73c831a400d4c52f227685baa6f44f8636c1f76eb9c0fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 29 Sep 2020 20:07:30 GMT
server: nginx
etag: "5f739402-3ea"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1002

GET
H/1.1 200
OK 21283137.js Show response
js.users.51.la/ 5 KB
3 KB 1365ms
238ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21283137.js
Requested by: Host: jita.fun
URL: https://jita.fun/18770.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: c99248e8ffc0a48019fd68f96b9703c0f73eb2f82b9c00957a12b2e5bffd61a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 18 May 2023 19:06:49 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *, *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 pay.js Show response
jita.fun/wp-content/themes/z403/zibpay/assets/js/ 6 KB
2 KB 151ms
151ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/zibpay/assets/js/pay.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

be5fced7e00a902b33a642102842498f1fb405465db2d12004229d29d6771a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 14:39:02 GMT
server: nginx
etag: W/"5f749886-1842"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:48 GMT

GET
H2 200 bootstrap.min.js Show response
jita.fun/wp-content/themes/z403/js/libs/ 31 KB
10 KB 149ms
147ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/libs/bootstrap.min.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 19:54:44 GMT
server: nginx
etag: W/"5e372904-7c4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:48 GMT

GET
H2 200 loader.js Show response
jita.fun/wp-content/themes/z403/js/ 16 KB
7 KB 149ms
147ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/loader.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

74d665254dd14619c93b2070287ba14b7a17d8ef4a13515a1e0fad7baffa8705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 14:49:12 GMT
server: nginx
etag: W/"5f749ae8-3f4a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:48 GMT

GET
H2 200 wp-embed.min.js Show response
jita.fun/wp-includes/js/ 1 KB
1003 B 150ms
148ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-includes/js/wp-embed.min.js?ver=5.5.7

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 21:20:03 GMT
server: nginx
etag: W/"6078ae03-592"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:48 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 40ms
7ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 18 May 2023 19:06:48 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=6695
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H2 200 6ryw365HpTA Show response
www.youtube.com/embed/ Frame C583 73 KB
31 KB 97ms
74ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/6ryw365HpTA

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d833e81b81cbcea374246f4da8067182339dc727b92635eff522f26d77daec30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jita.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 19:06:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 player.html Show response
v.qq.com/iframe/ Frame D4E2 669 B
534 B 1157ms
279ms Document
text/html 23.201.243.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v.qq.com/iframe/player.html?vid=k0941fyavug&auto=0
Requested by: Host: jita.fun
URL: https://jita.fun/18770.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.201.243.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 77c40528087017be7c9eee276c5b0aace26d7ba0535848f2b18fba49cf784bbc

Request headers

Referer: https://jita.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=55
content-encoding: gzip
content-length: 397
content-type: text/html
date: Thu, 18 May 2023 19:06:49 GMT
expires: Thu, 18 May 2023 19:07:44 GMT
vary: Accept-Encoding

GET
H2 200 fontawesome-webfont.woff
jita.fun/wp-content/themes/z403/fonts/ 96 KB
96 KB 433ms
433ms Font
font/woff 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/fonts/fontawesome-webfont.woff?v=4.7.0

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/css/font-awesome.min.css?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://jita.fun/wp-content/themes/z403/css/font-awesome.min.css?ver=4.0.3
Origin: https://jita.fun
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 02 Feb 2020 19:54:44 GMT
server: nginx
etag: "5e372904-17ee8"
content-type: font/woff
accept-ranges: bytes
content-length: 98024

GET
H2 200 www-player.css
www.youtube.com/s/player/90a441fd/ Frame C583 405 KB
48 KB 12ms
11ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6ryw365HpTA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271487e1c6e4fe65588fe855f58dbd4005b5d1c60620487e28f009a20d69b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6ryw365HpTA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 12:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48637
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 May 2024 12:22:05 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/90a441fd/www-embed-player.vflset/ Frame C583 306 KB
92 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6ryw365HpTA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

002cead02c391d10051d6534d57766dec9d645e09a6b59f34926b6080c9adb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6ryw365HpTA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 18:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93933
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 May 2024 18:38:15 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/ Frame C583 2 MB
740 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6ryw365HpTA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fcee9385106427a0947b47dcdc6638d1a25b63f2d3c7d132c348e66dccb4b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6ryw365HpTA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 15:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 757266
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 May 2024 15:14:05 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/90a441fd/fetch-polyfill.vflset/ Frame C583 9 KB
3 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6ryw365HpTA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6ryw365HpTA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 18:22:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2604
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 May 2024 18:22:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C583 15 KB
15 KB 49ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6ryw365HpTA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 416293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C583 15 KB
16 KB 39ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6ryw365HpTA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 436743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:47:45 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 355 KB
120 KB 138ms
137ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4008690824127071&plah=jita.fun&bust=31074718

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4008690824127071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea6ce0c27bd6342bab39da0d3beac1091655a56fa46f0c065397c890e5d2c7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122659
x-xss-protection: 0
server: cafe
etag: 3285604253579212948
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 May 2023 19:06:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame 90C0 10 KB
5 KB 35ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4008690824127071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jita.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 20:14:39 GMT
etag: 15057649708203361565
expires: Wed, 31 May 2023 20:14:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C583
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
145 B

15ms
15ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6ryw365HpTA

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa8319f3e74cc10bc64e4c9c95246cd4e5188a714a3ddcb3629150af79cbc439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 May 2023 19:06:49 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C583 29 B
496 B 38ms
6ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 18:54:24 GMT
x-content-type-options: nosniff
age: 745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 May 2023 19:09:24 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 52ms
14ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 18 May 2023 19:06:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C583 67 KB
31 KB 23ms
23ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a33ddfa8b452dd519607f20de01e163eddb4465b42e1d89ee313852c520a8902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 18 May 2023 19:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31369
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/ Frame C583 116 KB
33 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a67d91294fefed7bff63e213bee679dcf1cf7a06113378ff9057d95d650ec54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6ryw365HpTA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 23:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33608
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 May 2024 23:03:31 GMT

GET
H2 200 fcStgh4smOfAMc9IDeSBs19kD1Z1p72kXSRQ46_CmJQ.js Show response
www.google.com/js/th/ Frame C583 37 KB
15 KB 200ms
8ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/fcStgh4smOfAMc9IDeSBs19kD1Z1p72kXSRQ46_CmJQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc4ad821e2c98e7c031cf480de481b35f640f5675a7bda45d2450e3afc29894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 14 May 2023 01:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 410793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14683
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 May 2024 01:00:16 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/6ryw365HpTA/ Frame C583 73 KB
74 KB 184ms
10ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/6ryw365HpTA/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6ryw365HpTA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

142a95ba46d724c01c9441a0f9348cc77e5ac518ca60f817c73f555c04681b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 18:19:00 GMT
x-content-type-options: nosniff
age: 2869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74943
x-xss-protection: 0
server: sffe
etag: "1657720082"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 18 May 2023 20:19:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/ Frame C583 29 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40488823bd3cf755729a7b5fc0f195e6ea5fb0556a6cc79d22b431e9d2328e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6ryw365HpTA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 May 2024 17:34:09 GMT

GET
DATA 200
OK truncated
/ Frame C583 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 qdlpko4uxsuz4_Qzs_PfAt7zhuVZcDGmESGFBubqlRWnysGT4sFfvObLPcEP_h9y3EunB3xMMg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C583 3 KB
3 KB 61ms
22ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/qdlpko4uxsuz4_Qzs_PfAt7zhuVZcDGmESGFBubqlRWnysGT4sFfvObLPcEP_h9y3EunB3xMMg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6ryw365HpTA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

25fa2cee05167f457e3323a272ca9fd9b40654a45d0d9e9c2a535028afd1b27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3095
x-xss-protection: 0
expires: Fri, 19 May 2023 19:06:49 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
598 B 84ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=jita.fun&callback=_gfp_s_&client=ca-pub-4008690824127071

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4008690824127071&plah=jita.fun&bust=31074718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1d64161ed975740db4438102f9e93087dddf6c5d0f1868489c88688230a03ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
532 B 52ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jita.fun

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 59ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jita.fun

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=header%20header-layout-2&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 19:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F4E9 13 KB
5 KB 516ms
515ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&adk=1812271804&adf=3025194257&lmt=1684436809&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fjita.fun%2F18770.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808934&bpp=6&bdt=1087&idt=582&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8767378039312&frm=20&pv=2&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=623

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6912d5fbc44543b6a5407642aa4d388c1b46973053049b6786f2e905ad6ac3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jita.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 19:06:50 GMT
expires: Thu, 18 May 2023 19:06:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 18 May 2023 19:06:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C583 90 B
134 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efd3e16e953ba63d5b32519c813e693198c9c6ed31e29d26b232a2d64045a2e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 18 May 2023 19:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0402 144 KB
39 KB 1188ms
1187ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=280&slotname=1863033433&adk=2043962088&adf=2266841347&pi=t.ma~as.1863033433&w=1200&fwrn=4&fwrnh=100&lmt=1684436809&rafmt=1&format=1200x280&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808940&bpp=2&bdt=1093&idt=707&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=n1LjeLU1uI&p=https%3A//jita.fun&dtd=717

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29a55024d9e8b48d3399eaf5fb99713b64667c94f5e57bf42ef67a814360fce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jita.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39592
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 19:06:50 GMT
expires: Thu, 18 May 2023 19:06:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4E9 107 KB
36 KB 800ms
799ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=280&slotname=8549019498&adk=1795206994&adf=2572311781&pi=t.ma~as.8549019498&w=984&fwrn=4&fwrnh=100&lmt=1684436809&rafmt=1&format=984x280&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808942&bpp=1&bdt=1095&idt=727&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=145&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=V4xwkzeU8V&p=https%3A//jita.fun&dtd=731

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a49547d3c7f0ff51d10030978f69f325c542a0f9fd29c7be74921673e13f796a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jita.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 19:06:50 GMT
expires: Thu, 18 May 2023 19:06:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 go1
ia.51.la/ 0
215 B 1484ms
332ms Image
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21283137&rt=1684436809700&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E3%2580%258A%25E6%2588%2591%25E6%2598%25AF%25E4%25B8%2580%25E9%259A%25BB%25E9%25AD%259A%25E3%2580%258B%25E5%2590%2589%25E4%25BB%2596%25E8%25AD%259C%25EF%25BC%258C%25E5%258F%25B0%25E7%2581%25A3%25E8%2590%25BD%25E6%2597%25A5%25E9%25A3%259B%25E8%25BB%258A%25E6%25A8%2582%25E9%259A%258A%25E7%25BF%25BB%25E5%2594%25B1%25E4%25BB%25BB%25E8%25B3%25A2%25E9%25BD%258A%25E7%259A%2584%25E7%25B6%2593%25E5%2585%25B8%25E8%2580%2581%25E6%25AD%258C%25EF%25BC%258C&ing=1&ekc=&sid=1684436809700&tt=%25E8%2590%25BD%25E6%2597%25A5%25E9%25A3%259B%25E8%25BB%258A%25E3%2580%258A%25E8%2590%25BD%25E6%2597%25A5%25E9%25A3%259B%25E8%25BB%258A%25E6%2588%2591%25E6%2598%25AF%25E4%25B8%2580%25E9%259A%25BB%25E9%25AD%259A%25E3%2580%258B%25E5%2590%2589%25E4%25BB%2596%25E8%25AD%259C%25EF%25BC%2588%25E5%2585%25B14%25E5%25BC%25B5%25E5%259C%2596%25E7%2589%2587%25EF%25BC%2589-%25E5%2590%2589%25E4%25BB%2596%25E8%25AD%259C&kw=%25E8%2590%25BD%25E6%2597%25A5%25E9%25A3%259B%25E8%25BB%258A%25E6%25AD%258C%25E6%259B%25B2%25E5%2590%2589%25E4%25BB%2596%25E8%25AD%259C%252C%25E8%2590%25BD%25E6%2597%25A5%25E9%25A3%259B%25E8%25BB%258A%25E5%2590%2589%25E4%25BB%2596%25E6%259B%25B2%25E8%25AD%259C%25E7%25B0%25A1%25E8%25AD%259C%252C%25E5%2590%2589%25E4%25BB%2596%25E8%25AD%259C%25E5%25A4%25A7%25E5%2585%25A8&cu=https%253A%252F%252Fjita.fun%252F18770.html&pu=
Requested by: Host: jita.fun
URL: https://jita.fun/18770.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 18 May 2023 19:06:51 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C583 4 KB
2 KB 75ms
52ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 May 2023 19:06:49 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame C583 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?5UB4KA
Requested by: Host: jita.fun
URL: https://jita.fun/18770.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6ryw365HpTA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
240 B 224ms
186ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=64667748eb91242a&bkl=0&bl=1&pdt=2144&sid=64667748eb91242a&pub=wp-1ddbde2890f6255466a509e42576e6f2&rev=v8.28.8-wp&ln=en&pc=wpp&cb=0&ab=-&dp=jita.fun&fp=18770.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%E8%90%BD%E6%97%A5%E9%A3%9B%E8%BB%8A%E6%AD%8C%E6%9B%B2%E5%90%89%E4%BB%96%E8%AD%9C%2C%E8%90%BD%E6%97%A5%E9%A3%9B%E8%BB%8A%E5%90%89%E4%BB%96%E6%9B%B2%E8%AD%9C%E7%B0%A1%E8%AD%9C%2C%E5%90%89%E4%BB%96%E8%AD%9C%E5%A4%A7%E5%85%A8&colc=1684436809825&wpv=wpp-6.2.6&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.6%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-1ddbde2890f6255466a509e42576e6f2%22%2C%22page_info%22%3A%7B%22template%22%3A%22posts%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=646677486fc9baae000&skipb=1&callback=addthis.cbs.jsonp__81629108414717840
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e1337d9961eba1b4225b03905a296caf8bd58227f26662a9da5107536c5fcf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 19:06:50 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 91BA 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 0AB4 71 KB
26 KB 23ms
23ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://jita.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Thu, 18 May 2023 19:06:49 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 21ms
21ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 18 May 2023 19:06:49 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 main.js Show response
jita.fun/wp-content/themes/z403/js/ 30 KB
10 KB 147ms
147ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/main.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/js/loader.js?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

7cf5f97c15788cb57fb0628b699ea8c167fe1ccd4a5f12c88f10cae02515c9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:49 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 17:18:12 GMT
server: nginx
etag: W/"5f760f54-786b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:49 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/113/ Frame C583 51 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/113/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 07:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15228
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 15:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 19 May 2023 07:30:26 GMT

GET
H2 200 player.html Show response
v.qq.com/txp/iframe/ Frame D4E2 1 KB
658 B 264ms
264ms Document
text/html 23.201.243.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v.qq.com/txp/iframe/player.html?vid=k0941fyavug&autoplay=false
Requested by: Host: v.qq.com
URL: https://v.qq.com/iframe/player.html?vid=k0941fyavug&auto=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.201.243.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8

Request headers

Referer: https://v.qq.com/iframe/player.html?vid=k0941fyavug&auto=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=60
content-encoding: gzip
content-length: 523
content-type: text/html
date: Thu, 18 May 2023 19:06:50 GMT
expires: Thu, 18 May 2023 19:07:50 GMT
vary: Accept-Encoding

GET
H2 200 jquery.cookie.min.js Show response
jita.fun/wp-content/themes/z403/js/libs/ 2 KB
1 KB 146ms
146ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/libs/jquery.cookie.min.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/js/loader.js?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

d8f416d1eaba66983deb862a842a1d11d7e94df04a0222900b3519c201495e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 23:42:32 GMT
server: nginx
etag: W/"5e448d68-918"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:50 GMT

GET
H2 200 sign-register.js Show response
jita.fun/wp-content/themes/z403/js/ 3 KB
2 KB 146ms
146ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/sign-register.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/js/loader.js?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

695413a95b1e067e4f24fa8a90b9b201bb3bac60c3c9601a7c3678911ec34b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 00:41:02 GMT
server: nginx
etag: W/"5f73d41e-d4e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:50 GMT

GET
H2 200 comment.js Show response
jita.fun/wp-content/themes/z403/js/ 11 KB
4 KB 150ms
146ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/comment.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/js/loader.js?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

410cc6faee28b2454b0489f76fabf3d18de600af70da9239122ebf4e876ed7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 17:22:30 GMT
server: nginx
etag: W/"5f761056-2aab"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:50 GMT

GET
H2 200 svg-icon.js Show response
jita.fun/wp-content/themes/z403/js/ 43 KB
20 KB 148ms
147ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/svg-icon.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/js/loader.js?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

7649147a25ed7c66c46fb8e223767423297d20fb8117d88d407a7dad093afc95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 18 Jun 2020 21:45:20 GMT
server: nginx
etag: W/"5eebe070-ac1d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:50 GMT

GET
H2 200 imgbox.js Show response
jita.fun/wp-content/themes/z403/js/ 4 KB
2 KB 147ms
146ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/imgbox.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/js/loader.js?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

50ae8f6901f4dc33efcb03726f510bcd758ee6d9ea91903261caa4e665c6323f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 21:36:36 GMT
server: nginx
etag: W/"5f73a8e4-10a1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:50 GMT

GET
H2 200 lazysizes.min.js Show response
jita.fun/wp-content/themes/z403/js/libs/ 7 KB
4 KB 147ms
146ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/libs/lazysizes.min.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/js/loader.js?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

86404468f48d96df16d50c315ec1c872982f83470b550016719fbb3caf717caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 18 Mar 2020 12:32:24 GMT
server: nginx
etag: W/"5e7214d8-1c73"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:50 GMT

GET
H2 200 mini-touch.js Show response
jita.fun/wp-content/themes/z403/js/ 3 KB
1 KB 147ms
146ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/mini-touch.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/js/loader.js?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

d6da2fde653dd2d4d5e7e91e84175e7f5e7ed32ca933b36a4a8041566a2f7b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 13:20:44 GMT
server: nginx
etag: W/"5f7334ac-c8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:50 GMT

GET
H2 200 157.5c460da9d8beb53078c0.js Show response
s7.addthis.com/static/ 2 KB
978 B 17ms
17ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/157.5c460da9d8beb53078c0.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2b36cbf61a4ac4abe4d6d04bdb9f95094f9159f26b6163ba06f675b1030a024b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 18 May 2023 19:06:50 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-72f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 747

GET
H2 200 184.73d337bbba7a90f88049.js Show response
s7.addthis.com/static/ 1 KB
893 B 18ms
18ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/184.73d337bbba7a90f88049.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1d9bb05a5612619a97873b9611b4503e638179154d7bfc773e86eab8c49f2ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 18 May 2023 19:06:50 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-485"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 662

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4E9 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20230516&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&adk=1812271804&adf=3025194257&lmt=1684436809&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fjita.fun%2F18770.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808934&bpp=6&bdt=1087&idt=582&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8767378039312&frm=20&pv=2&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=623

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 19:06:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 26ms
25ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jita.fun

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 23ms
22ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jita.fun

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2732 91 KB
36 KB 879ms
878ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=600&adk=2366565510&adf=3672938918&pi=t.aa~a.1110341720~rp.3&daaos=1684414893197&w=295&fwrn=4&fwrnh=100&lmt=1684436810&rafmt=1&to=qs&pwprc=8780522838&format=295x600&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436810171&bpp=1&bdt=2324&idt=1&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28809603540a9a57-221e3243dddd00cd%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_MZ7wtOgAsPSL7mJlMdvm8wXgll00A&gpic=UID%3D00000c1756b224a7%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_Mb5-973Qega76kS3buUaP3gMRwIgA&prev_fmts=0x0%2C1200x280%2C984x280&nras=2&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1182&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qktviNjjst&p=https%3A//jita.fun&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b77c380e7d389e6e0eeda4a962d1ba2f918bc548d5a415aba7fffb717ba58cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jita.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 19:06:51 GMT
expires: Thu, 18 May 2023 19:06:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 swiper.css
jita.fun/wp-content/themes/z403/css/ 18 KB
5 KB 149ms
149ms Stylesheet
text/css 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/css/swiper.css

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/js/libs/jquery.min.js?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

6ecf132c0925664b0fd4018d43fbe34a96c9bc96c2243a4e6873f868cf4406bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:55:08 GMT
server: nginx
etag: W/"5e87949c-4805"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:50 GMT

GET
H2 200 swiper.min.js Show response
jita.fun/wp-content/themes/z403/js/libs/ 135 KB
40 KB 150ms
149ms Script
application/javascript 104.149.199.150
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://jita.fun/wp-content/themes/z403/js/libs/swiper.min.js?ver=4.0.3

Requested by

Host: jita.fun
URL: https://jita.fun/wp-content/themes/z403/js/loader.js?ver=4.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.149.199.150 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

unassigned.psychz.net

Software

nginx /

Resource Hash

883b61a0129a1c642102f5710a0366aedd0492e9e07b42e9d3f3c1136fc5ecf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/18770.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 19:54:44 GMT
server: nginx
etag: W/"5e372904-21c03"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 19 May 2023 07:06:50 GMT

GET
H/1.1 200
OK loader.js Show response
vm.gtimg.cn/thumbplayer/iframe/ Frame D4E2 4 KB
2 KB 2707ms
159ms Script
application/javascript 2408:8779:c001:3:70::17
UNICOM-NXZW-IDC U...

General

Check archive.org

Show headers Download Go to

Full URL: https://vm.gtimg.cn/thumbplayer/iframe/loader.js
Requested by: Host: v.qq.com
URL: https://v.qq.com/txp/iframe/player.html?vid=k0941fyavug&autoplay=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2408:8779:c001:3:70::17 , China, ASN140707 (UNICOM-NXZW-IDC UNICOM Ningxia province network, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 1fed64c664acd76b9fbf137243d5c673087a5cb14450ee73f3e796cc34a2dee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 10:22:49 GMT
Content-Encoding: gzip
x-cos-object-type: normal
X-Cache-Lookup: Cache Hit
x-cos-storage-class: STANDARD_IA
x-cos-version-id: MTg0NDUwNTk3NTQ3NjIxNjI3MTY
Connection: keep-alive
Content-Length: 1793
X-COS-META-MD5: 79d3e778c12ed71fbfb9cd14ebb0358e
X-Client-Ip: 2001:ac8:20:271::1e
x-cos-hash-crc64ecma: 5051824121828292972
Last-Modified: Wed, 17 May 2023 10:22:27 GMT
Server: NWSs
Etag: "ebe2e168019fe3b0a6f787f666e8d924f24b421e"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP: 116.172.74.185
X-NWS-LOG-UUID: 11965612132818506690
Accept-Ranges: bytes
Ip: 0.0.0.0

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://jita.fun
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ Frame C4E9 9 KB
1 KB 44ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=280&slotname=8549019498&adk=1795206994&adf=2572311781&pi=t.ma~as.8549019498&w=984&fwrn=4&fwrnh=100&lmt=1684436809&rafmt=1&format=984x280&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808942&bpp=1&bdt=1095&idt=727&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=145&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=V4xwkzeU8V&p=https%3A//jita.fun&dtd=731

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 May 2023 19:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 May 2023 18:36:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 May 2023 19:06:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame C4E9 2 KB
819 B 48ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C4E9 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzG6SSXdmZPaMNPnos8IPk_CZuAelpqaicMOdrYe6EczM0ZbcARABIJu_jiBgleKQgqAHoAH74MmwKMgBCagDAcgDywSqBOQBT9ACpz9eUbjdCWJLoa2brdaaUf3VUlHhrJF9pJLYqhIKNlkHU2PfDkdAGqpKKIhxodCaooT5IaxgmicTPYHJAZX2fQy3F12lgC-PMZL6mf1UzzKI3yNdVUtZi7iPOMZOMq0PmmDRmOQXw8oIdqgl7aHlFm7_N4ifPeVmPoB7hE1w45TGWBr5pB3x306RYU0uPp_lnXfEIWr0RGW7dLMSlOK6BXdKu284oTPp_p0yuJJPZjth6QkCqG67XwTHW144HcuwpIcQCcUkBgXqSA9LBuWIlwryLQycUmBjIzj1Xii28eu7wATN_7CK9wOSBQQIBBgBkgUECAUYBKAGLoAH-5iakAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxC7cdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDAwODY5MDgyNDEyNzA3MRgA&sigh=Wo-CH2gBYFY&uach_m=[UACH]&cid=CAQSGwBygQiDvpZ2bnf42RQI15DJlva1k7KkOCzZThgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=280&slotname=8549019498&adk=1795206994&adf=2572311781&pi=t.ma~as.8549019498&w=984&fwrn=4&fwrnh=100&lmt=1684436809&rafmt=1&format=984x280&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808942&bpp=1&bdt=1095&idt=727&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=145&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=V4xwkzeU8V&p=https%3A//jita.fun&dtd=731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 May 2023 19:06:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 18 May 2023 19:06:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame C4E9 22 KB
9 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame C4E9 3 KB
1 KB 40ms
12ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame C4E9 19 KB
8 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4E9 170 KB
53 KB 90ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 19:06:50 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame C4E9 32 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12023289654878236378/ Frame C4E9 63 KB
63 KB 38ms
13ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12023289654878236378/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2074347f4448eedf996fdf84decc85e175636e8323e5e0abb215328ed7537a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:35:29 GMT
x-content-type-options: nosniff
age: 441081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64628
x-xss-protection: 0
last-modified: Thu, 04 May 2023 03:46:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 16:35:29 GMT

GET
DATA 200
OK truncated
/ Frame C4E9 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C4E9 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C4E9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04f9109292d220ae6c729aad196eca83079bef6c4b381d7676f56062dbc11535

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame C4E9 29 KB
29 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:24:40 GMT
x-content-type-options: nosniff
age: 481330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 05:24:40 GMT

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame DD85 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 17:02:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0402 2 KB
639 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=280&slotname=1863033433&adk=2043962088&adf=2266841347&pi=t.ma~as.1863033433&w=1200&fwrn=4&fwrnh=100&lmt=1684436809&rafmt=1&format=1200x280&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808940&bpp=2&bdt=1093&idt=707&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=n1LjeLU1uI&p=https%3A//jita.fun&dtd=717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 May 2023 19:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 May 2023 17:17:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 May 2023 19:06:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 0402 2 KB
800 B 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:05 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0402 23 KB
24 KB 53ms
10ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQxZvPsb9T2gGYMxsGPYmaigf9swzJjbXFYdVeOv2xI-1oJxG1j&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e2f65b3e8cebe69f6578a5f009f158351eebacc290711aef475e6aeaa3e7cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 01:54:56 GMT
x-content-type-options: nosniff
age: 493914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23656
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 01:49:19 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 01:54:56 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 0402 14 KB
14 KB 51ms
8ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSuIqRwDH1b8OgUoyoa3g7aGM25vN8xo4iF2fKIZDP_V0a9L2ymj8QlMSOg1c8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d56d456b255b2b7b9e94d5afe2b00d82885ab505fdc0894af72281d38c6ba10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 05:14:34 GMT
x-content-type-options: nosniff
age: 222736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14280
x-xss-protection: 0
last-modified: Fri, 05 Jul 2024 21:45:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 15 May 2024 05:14:34 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0402 20 KB
21 KB 53ms
10ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTwORiV04g3fzZMhEE1WgK57Dtb00F7c-e_uKktXDjDBeEsqSn-LLS2PqRHaQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77745fdad8e78d2861218f262731401ce09b8ddad209cf8c9a67708b9ee1fe88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:14:24 GMT
x-content-type-options: nosniff
age: 481946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20656
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 05:12:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 05:14:24 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 0402 19 KB
20 KB 62ms
9ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSBBpqjvGIBxb-7cOEdZBseUAKqeQV3-BZ49jwqW6NjJzozuCPb&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e02746476999ec30ba8042625cd59a101388932e9689c56cf10bcfa694b147ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 11:29:35 GMT
x-content-type-options: nosniff
age: 459435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19621
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 15:17:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 11:29:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0402 0
0 56ms
55ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cp50iSXdmZK6HM4HqqQGvwaHACJyn4sxw6_7CkqERtuvRv-w5EAEgm7-OIGCV4pCCoAegAeGeqPADyAEJqQJIfsVgcRayPqgDAcgDywSqBOQBT9B48ufX5Ad-FXFbUhqdARXERDvsDyf9Azbg1oFUjvWLVjDsDPICBXB5Ckstd4HDAwxoRijj8YsGfJMlWDit4yrNC-Mj_4BHGIUxyCVwmzWsYuWN7odf_nyuHZwM-GeI1rXb9rT6sGSjIsvnAnwht1w0QA6uFPd6pRs7zzirA9aCRsdMnDzKZxhOLkeQe_bzFrGvg6XcRW44xBDAmdueE7DKGdFH7Nh-DwAlayLe-0UaK1hnW4QO7mbgGxj4IhMrBZbS6Prf2LPfRHClYHx3_OlWAV13F4bc1wyT8GnEduzIohyywASt6KympASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHjqS9GagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCAjQfSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBmAzelITOiwPCEwYY4Z6o8APYEw7QFQGAFwGyFxwKGggAEhRwdWItNDAwODY5MDgyNDEyNzA3MRgA&sigh=KZuWrC9-EMU&uach_m=[UACH]&cid=CAQSGwBygQiDbUVRyP8oT01IJgHrneW0Lwh8JpEAHBgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=280&slotname=1863033433&adk=2043962088&adf=2266841347&pi=t.ma~as.1863033433&w=1200&fwrn=4&fwrnh=100&lmt=1684436809&rafmt=1&format=1200x280&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436808940&bpp=2&bdt=1093&idt=707&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=n1LjeLU1uI&p=https%3A//jita.fun&dtd=717
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 May 2023 19:06:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 0402 22 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 0402 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 0402 19 KB
8 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:05 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 0402 32 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 0402 18 KB
18 KB 57ms
19ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR8maRUtmq9WGKV3Mnfnb2-5vbrvZw3xmMJf8GOfuLyIRWU_59gJ-Eqvx_5Ido&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d67073fcf4dd42ef33110ab0f6fa4fd3205bc6d9cbb4498cbccb0842ca9afe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:03:55 GMT
x-content-type-options: nosniff
age: 450175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18280
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 07:41:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 14:03:55 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 0402 18 KB
18 KB 49ms
11ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQXhOzpi7j7b9KDb8r_uAvoX4Lu8Dt040dpaV3wCCWWs1bJ_nX5FnQ3m_RvNRc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

694afccaa98b7ee124a01bfbb0d214649198ccb5f4f61d3e5dbd3f47bf208bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:47:20 GMT
x-content-type-options: nosniff
age: 145170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18649
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 19:37:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 16 May 2024 02:47:20 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0402 17 KB
17 KB 44ms
17ms Image
image/png 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSiABZucfR8J7R1M3Rvje_Il34cM-SS4ezPMNLqAeMgVYHnEgE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b63b0ea987e294e1493b6c26ee9fc9f49580d98f3a1911ce3136ecd809778d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 23:38:26 GMT
x-content-type-options: nosniff
age: 502104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 10:37:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 11 May 2024 23:38:26 GMT

GET
DATA 200
OK truncated
/ Frame 0402 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74268757077ed49e6e1a876dc9c52b7be321dddbd3f125a74ffe6a081efaa548

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 0402 20 KB
20 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 440768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2851 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 17:02:26 GMT

GET
H3 200 3292108613800484017
tpc.googlesyndication.com/simgad/ Frame 2732 106 KB
106 KB 10ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3292108613800484017?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnHf0ya9-MAC-97QxwIalsBzjjqow

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=600&adk=2366565510&adf=3672938918&pi=t.aa~a.1110341720~rp.3&daaos=1684414893197&w=295&fwrn=4&fwrnh=100&lmt=1684436810&rafmt=1&to=qs&pwprc=8780522838&format=295x600&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436810171&bpp=1&bdt=2324&idt=1&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28809603540a9a57-221e3243dddd00cd%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_MZ7wtOgAsPSL7mJlMdvm8wXgll00A&gpic=UID%3D00000c1756b224a7%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_Mb5-973Qega76kS3buUaP3gMRwIgA&prev_fmts=0x0%2C1200x280%2C984x280&nras=2&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1182&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qktviNjjst&p=https%3A//jita.fun&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b1b790b541aea6f5ab109ba3b2e2b1ae4d5886e5ab23d34e19cad45fb5f6449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:56:34 GMT
x-content-type-options: nosniff
age: 511817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108633
x-xss-protection: 0
last-modified: Fri, 12 May 2023 11:20:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 May 2024 20:56:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 2732 22 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 2732 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 2732 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2732 0
0 20ms
18ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRT7256lLxRE-0OrGPP70bwBOjzBuFzynr9IE7U5Tdu510sbhTl9pJuNSUr6luSK1Fu_1paRciCNDZemwZk4ahGH7_1wQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=600&adk=2366565510&adf=3672938918&pi=t.aa~a.1110341720~rp.3&daaos=1684414893197&w=295&fwrn=4&fwrnh=100&lmt=1684436810&rafmt=1&to=qs&pwprc=8780522838&format=295x600&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436810171&bpp=1&bdt=2324&idt=1&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28809603540a9a57-221e3243dddd00cd%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_MZ7wtOgAsPSL7mJlMdvm8wXgll00A&gpic=UID%3D00000c1756b224a7%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_Mb5-973Qega76kS3buUaP3gMRwIgA&prev_fmts=0x0%2C1200x280%2C984x280&nras=2&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1182&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qktviNjjst&p=https%3A//jita.fun&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2732 170 KB
53 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 19:06:51 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 2732 32 KB
13 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13064
x-xss-protection: 0
server: cafe
etag: 484897097926465030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 17:18:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2732 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CetHiSndmZOqWF7ufs8IP-vyNwAi5n7_HcLvbxKbVEeq73-OODhABIJu_jiBgleKQgqAHoAGcr_uoAsgBAqgDAcgDyQSqBOcBT9DkQKCqn-fF1owH-W8y6muMb3nDXTWbLTxctjgoY8YpYXFR7ZJV_DAPcTKmAvvQS5vDOfGVDPRkDF0y3v8NKsNn7qIeA2_zgGgT1yvR0wBURkEiQ1UqAHRyBPcaaeN70jYxEB91G-JIQf-A2SN6PMOcr_uKCQ1ycSHxmkiG8ZO5OQzsBlzfHsJ_RHlOi9mNTiQ5b4zMemBbUZ5NG4z44ev_aVMfsj0I0tJ9CC1EZQpCwXHX6L06OH1wHFyJiOIXv65SelxbRLclRCmLhe-ZebSkFQHSkbs4MSyN8JQuatzkZOlCOvunwASw44rprASSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDVxw7SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTQwMDg2OTA4MjQxMjcwNzEYAA&sigh=wu3R61z8urs&uach_m=[UACH]&cid=CAQSOwBygQiDD9qV4qshNkw3IgQJUAkdt2mP3ET-PdFjhDKufSoug_OWHIkGmp19OE1F6xWVvn4OQnSaYyq_GAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=600&adk=2366565510&adf=3672938918&pi=t.aa~a.1110341720~rp.3&daaos=1684414893197&w=295&fwrn=4&fwrnh=100&lmt=1684436810&rafmt=1&to=qs&pwprc=8780522838&format=295x600&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436810171&bpp=1&bdt=2324&idt=1&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28809603540a9a57-221e3243dddd00cd%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_MZ7wtOgAsPSL7mJlMdvm8wXgll00A&gpic=UID%3D00000c1756b224a7%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_Mb5-973Qega76kS3buUaP3gMRwIgA&prev_fmts=0x0%2C1200x280%2C984x280&nras=2&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1182&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qktviNjjst&p=https%3A//jita.fun&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 May 2023 19:06:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 780E 143 B
166 B 9ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=600&adk=2366565510&adf=3672938918&pi=t.aa~a.1110341720~rp.3&daaos=1684414893197&w=295&fwrn=4&fwrnh=100&lmt=1684436810&rafmt=1&to=qs&pwprc=8780522838&format=295x600&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436810171&bpp=1&bdt=2324&idt=1&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28809603540a9a57-221e3243dddd00cd%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_MZ7wtOgAsPSL7mJlMdvm8wXgll00A&gpic=UID%3D00000c1756b224a7%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_Mb5-973Qega76kS3buUaP3gMRwIgA&prev_fmts=0x0%2C1200x280%2C984x280&nras=2&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1182&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qktviNjjst&p=https%3A//jita.fun&dtd=22
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 18:10:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 42BE 1 KB
643 B 12ms
9ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Fri, 19 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2732 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f12a652080b9b291fa78c8b0d8158b358668b56f2f01e2221c7e1ea95eafcb6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 780E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

17ms
17ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 19:06:51 GMT
expires: Thu, 18 May 2023 19:06:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 19:06:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 42BE
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOAG_-BI52Ww_gjnMwPUyMw&google_cver=1&google_push=ATf1kGO2bYqZ6QeG8mnOY-B15h-DMWQr5VMqwVeNZFaOQk4F72C93JAtiL6nysBGI1p0DatNQGUeMhnLHG18s-Zvl6HJELdWhXUxkcsE
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D9A41ABBDBD54F4D86BEB7FB96A2A16F&google_push=ATf1kGO2bYqZ6QeG8mnOY-B15h-DMWQr5VMqwVeNZFaOQk4F72C93JAtiL6nysBGI1p0DatNQGUeMhnLHG18s-Z...

170 B
329 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D9A41ABBDBD54F4D86BEB7FB96A2A16F&google_push=ATf1kGO2bYqZ6QeG8mnOY-B15h-DMWQr5VMqwVeNZFaOQk4F72C93JAtiL6nysBGI1p0DatNQGUeMhnLHG18s-Zvl6HJELdWhXUxkcsE

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 19:06:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 May 2023 19:06:51 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D9A41ABBDBD54F4D86BEB7FB96A2A16F&google_push=ATf1kGO2bYqZ6QeG8mnOY-B15h-DMWQr5VMqwVeNZFaOQk4F72C93JAtiL6nysBGI1p0DatNQGUeMhnLHG18s-Zvl6HJELdWhXUxkcsE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 17 May 2023 19:06:51 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 42BE 70 B
265 B 115ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKb-dNoyvZZQAF_NNBh8-2M&google_cver=1&google_push=ATf1kGNoto_lgZVdSrtsxioqmx4uJp7XNlodvhK4SmVHnGlXaN9O6JVefRZX3owEqCIpJNHM7q5vyAyeH_D_YlJN8gyeMnT8iCzyApnn
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4008690824127071&output=html&h=600&adk=2366565510&adf=3672938918&pi=t.aa~a.1110341720~rp.3&daaos=1684414893197&w=295&fwrn=4&fwrnh=100&lmt=1684436810&rafmt=1&to=qs&pwprc=8780522838&format=295x600&url=https%3A%2F%2Fjita.fun%2F18770.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684436810171&bpp=1&bdt=2324&idt=1&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28809603540a9a57-221e3243dddd00cd%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_MZ7wtOgAsPSL7mJlMdvm8wXgll00A&gpic=UID%3D00000c1756b224a7%3AT%3D1684436809%3ART%3D1684436809%3AS%3DALNI_Mb5-973Qega76kS3buUaP3gMRwIgA&prev_fmts=0x0%2C1200x280%2C984x280&nras=2&correlator=8767378039312&frm=20&pv=1&ga_vid=828802040.1684436810&ga_sid=1684436810&ga_hid=165204383&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1182&ady=1750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31074469%2C31074718%2C44788442%2C44789923%2C44769661&oid=2&pvsid=3294197317033235&tmod=346204544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qktviNjjst&p=https%3A//jita.fun&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 18 May 2023 19:06:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42BE
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGio1tCcFBH41WqFqL-Txy4&google_cver=1&google_push=ATf1kGP1DV5BzwyQC7EGXK86w5NOyfRTibJFotxrIIbDNROMC_Gqa-4UHY05H352_8qLOljhhStm-Lua6CxtlKo609Vy...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGio1tCcFBH41WqFqL-Txy4&google_cver=1&google_push=ATf1kGP1DV5BzwyQC7EGXK86w5NOyfRTibJFotxrIIbDNROMC_Gqa-4UHY05H352_8qLOljhhStm-Lua6CxtlK...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP1DV5BzwyQC7EGXK86w5NOyfRTibJFotxrIIbDNROMC_Gqa-4UHY05H352_8qLOljhhStm-Lua6CxtlKo609VybKOb6wgrBq4&google_hm=XV8I62PlRg6POdF1kZNU...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP1DV5BzwyQC7EGXK86w5NOyfRTibJFotxrIIbDNROMC_Gqa-4UHY05H352_8qLOljhhStm-Lua6CxtlKo609VybKOb6wgrBq4&google_hm=XV8I62PlRg6POdF1kZNU2w==

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 19:06:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP1DV5BzwyQC7EGXK86w5NOyfRTibJFotxrIIbDNROMC_Gqa-4UHY05H352_8qLOljhhStm-Lua6CxtlKo609VybKOb6wgrBq4&google_hm=XV8I62PlRg6POdF1kZNU2w==
date: Thu, 18 May 2023 19:06:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42BE
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XwnWjbqqRGW7XRJwCF245Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XwnWjbqqRGW7XRJwCF245Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPbCNUjGlWHhsh3dp85hwVtb0ux58qgZtpp5JBB2OpUCMgfOd7NpcdjpLxLkVVuj3Xdk7ddTllpxus9Y1VgZ1rEyqiAdanhE3Oz

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 19:06:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XwnWjbqqRGW7XRJwCF245Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPbCNUjGlWHhsh3dp85hwVtb0ux58qgZtpp5JBB2OpUCMgfOd7NpcdjpLxLkVVuj3Xdk7ddTllpxus9Y1VgZ1rEyqiAdanhE3Oz
date: Thu, 18 May 2023 19:06:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 42BE
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJsmsg53r2WiCmEdKp_VVLc&google_cver=1&google_push=ATf1kGPv1PcVyAUSU0tNJVhy3D0VKFNHz9Q6OjY-IIVzSeKJrqOWUwrr5p3BwzAzcmAchCEndzJ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhUSTZQUUMtVy0zSkRE&google_push=ATf1kGPv1PcVyAUSU0tNJVhy3D0VKFNHz9Q6OjY-IIVzSeKJrqOWUwrr5p3BwzAzcmAchCEndzJJdETH2oIkAxh2UWk6kpT5W9tCt5M

170 B
232 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhUSTZQUUMtVy0zSkRE&google_push=ATf1kGPv1PcVyAUSU0tNJVhy3D0VKFNHz9Q6OjY-IIVzSeKJrqOWUwrr5p3BwzAzcmAchCEndzJJdETH2oIkAxh2UWk6kpT5W9tCt5M

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 19:06:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhUSTZQUUMtVy0zSkRE&google_push=ATf1kGPv1PcVyAUSU0tNJVhy3D0VKFNHz9Q6OjY-IIVzSeKJrqOWUwrr5p3BwzAzcmAchCEndzJJdETH2oIkAxh2UWk6kpT5W9tCt5M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 42BE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENTUanZ18WvXxGpDT_4utfk&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENTUanZ18WvXxGpDT_4utfk&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENTUanZ18WvXxGpDT_4utfk&google_hm=ZGZ3SxUNNsX4oXTKw2xsJgAABI4AAAAB&google_nid=index&google_push=ATf1kGPtNzOOKki_r5Cl0IYznywy3pVeTHcZP...

170 B
232 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENTUanZ18WvXxGpDT_4utfk&google_hm=ZGZ3SxUNNsX4oXTKw2xsJgAABI4AAAAB&google_nid=index&google_push=ATf1kGPtNzOOKki_r5Cl0IYznywy3pVeTHcZPROdpxbTwNN_YtZTgcYUCxrt7Dc7b-c9BZj48YjV_bNe2Go_WbxmxAyfH2gK_6UP5Sly

Requested by

Host: jita.fun
URL: https://jita.fun/18770.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 19:06:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 May 2023 19:06:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENTUanZ18WvXxGpDT_4utfk&google_hm=ZGZ3SxUNNsX4oXTKw2xsJgAABI4AAAAB&google_nid=index&google_push=ATf1kGPtNzOOKki_r5Cl0IYznywy3pVeTHcZPROdpxbTwNN_YtZTgcYUCxrt7Dc7b-c9BZj48YjV_bNe2Go_WbxmxAyfH2gK_6UP5Sly
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 42BE
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFC0B05hOuJaBowEpvOoxE8&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPwBnDEQMV0ZEyq_CYV924hM8w8J-xLGx80E184171Sx5rtoPUa2-NxI7ngWgacm6q832FHnY-7BuKmXxUqDE_9nWq_nJHXhySIvA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

62ms
61ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: jita.fun
URL: https://jita.fun/18770.html
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 18 May 2023 19:06:51 GMT
pragma: no-cache
date: Thu, 18 May 2023 19:06:51 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 18 May 2023 19:06:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 42BE 0
130 B 56ms
17ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOhcc2pc502NsBMXJB_amOUbRhbbFeOJR2anmKvwTnbjZSmrwkro-aE5BdJLnzRssKBcp0HQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame C093 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 17:02:26 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C4E9 42 B
174 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssE4yyCXVmvjXihRSbC9kU9s7zy5GrmbI2k5xY0x_PmIfMk2IbyFSHNhTmtcG4ujWeX1lU14n8zoROEjwxaL6mytEgai-KvLsbDiiVVjPEHZJ1ZLai0gXmJxQ5VeGzKx9mZJavfJg&sai=AMfl-YQ58732S5DJgpm6KCWfTDzIwtHuzqiYG20Qhron7tn8W7PeQFvfLxZSgvFZkXCb_ocH2FkMjYzsCb1B&sig=Cg0ArKJSzHt52HxgZmnZEAE&cid=CAQSGwBygQiDvpZ2bnf42RQI15DJlva1k7KkOCzZThgB&id=lidar2&mcvt=1000&p=0,0,280,984&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=0.6&if=1&vu=1&app=0&itpl=22&adk=1795206994&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684436809675&rpt=987&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 19:06:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C583 28 B
54 B 44ms
43ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Goog-Request-Time: 1684436811708
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6ryw365HpTA
X-YouTube-Client-Version: 1.20230514.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtTTWNqQlhvWXVxYyjI7pmjBg%3D%3D
X-YouTube-Ad-Signals: dt=1684436809020&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 18 May 2023 19:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 18 May 2023 19:06:51 GMT

GET
H/1.1 200
OK superplayer.js Show response
vm.gtimg.cn/thumbplayer/superplayer/ Frame D4E2 842 KB
222 KB 159ms
159ms Script
application/javascript 2408:8779:c001:3:70::17
UNICOM-NXZW-IDC U...

General

Check archive.org

Show headers Download Go to

Full URL: https://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Requested by: Host: vm.gtimg.cn
URL: https://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2408:8779:c001:3:70::17 , China, ASN140707 (UNICOM-NXZW-IDC UNICOM Ningxia province network, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 008b6a8a0b0be6634ac238c9e25699fc29d68040705512053a26a91883494e55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 10:28:36 GMT
Content-Encoding: gzip
x-cos-object-type: normal
X-Cache-Lookup: Cache Hit
x-cos-storage-class: STANDARD_IA
x-cos-version-id: MTg0NDUwNTk3NTQ3NjIxMTI3Njk
Connection: keep-alive
Content-Length: 226639
X-COS-META-MD5: 18707d923e64bbd1382fd00ff1e2db72
X-Client-Ip: 2001:ac8:20:271::1e
x-cos-hash-crc64ecma: 1605151560646036044
Last-Modified: Wed, 17 May 2023 10:22:27 GMT
Server: NWSs
Etag: "efcf477e6d1c25b5337006baecd128ad0a0b0b78"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP: 116.172.74.185
X-NWS-LOG-UUID: 11953618458006624011
Accept-Ranges: bytes
Ip: 0.0.0.0

GET
H/1.1 200
OK iframe.js Show response
vm.gtimg.cn/thumbplayer/iframe/ Frame D4E2 7 KB
3 KB 158ms
158ms Script
application/javascript 2408:8779:c001:3:70::17
UNICOM-NXZW-IDC U...

General

Check archive.org

Show headers Download Go to

Full URL: https://vm.gtimg.cn/thumbplayer/iframe/iframe.js
Requested by: Host: vm.gtimg.cn
URL: https://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2408:8779:c001:3:70::17 , China, ASN140707 (UNICOM-NXZW-IDC UNICOM Ningxia province network, CN),
Reverse DNS
Software: NWSs /
Resource Hash: f36b41d981f5f570a437ec2c905ac8d3a320a6a4ceeba82e1ad1d293d0626e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 10:22:56 GMT
Content-Encoding: gzip
x-cos-object-type: normal
X-Cache-Lookup: Cache Hit
x-cos-storage-class: STANDARD_IA
x-cos-version-id: MTg0NDUwNTk3NTQ3NjIxNjU4MDg
Connection: keep-alive
Content-Length: 2757
X-COS-META-MD5: 96c9f70da781f014ca2ca0a11e797061
X-Client-Ip: 2001:ac8:20:271::1e
x-cos-hash-crc64ecma: 1555164769136559227
Last-Modified: Wed, 17 May 2023 10:22:27 GMT
Server: NWSs
Etag: "a49435c0b0f89f7419be8d13f98b2598cf5e4025"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP: 116.172.74.185
X-NWS-LOG-UUID: 16126849260807162477
Accept-Ranges: bytes
Ip: 0.0.0.0

GET
H2 200 thumbplayer-offline-log.html Show response
v.qq.com/ Frame 2326 30 KB
10 KB 25ms
24ms Document
text/html 23.201.243.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Requested by: Host: vm.gtimg.cn
URL: https://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.201.243.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 77c1abf8df498bcd9e3dabbc1e8c816b49938b953d95cc6c8aaf71e1da37f08f

Request headers

Referer: https://v.qq.com/txp/iframe/player.html?vid=k0941fyavug&autoplay=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=42
content-encoding: gzip
content-length: 9962
content-type: text/html
date: Thu, 18 May 2023 19:06:53 GMT
expires: Thu, 18 May 2023 19:07:35 GMT
vary: Accept-Encoding

GET
H2 200 object Show response
v.qq.com/cache/wuji/ Frame D4E2 296 B
434 B 303ms
303ms Script
application/json 23.201.243.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v.qq.com/cache/wuji/object?appid=tenvideo_offline_log&schemaid=whileList&schemakey=d5dccc35902346b2bdcbcef774fefe99&include=encryptValue%2Ctype%2CerrorCode%2Crate&filter=projectId%3D%2210201%22&otype=jsonp&callback=offline_log1
Requested by: Host: vm.gtimg.cn
URL: https://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.201.243.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e22ec37bee291cad9e73a17c49e05e4bc5a79e4f1a7593988c48e52b0a7a7cb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.qq.com/txp/iframe/player.html?vid=k0941fyavug&autoplay=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: application/json; charset=utf-8
date: Thu, 18 May 2023 19:06:54 GMT
cache-control: max-age=0
content-length: 296
vary: Accept-Encoding
expires: Thu, 18 May 2023 19:06:54 GMT

GET
H2 200 beacon_web.min.js Show response
beacon.cdn.qq.com/sdk/4.5.16/ Frame D4E2 31 KB
10 KB 1696ms
8ms Script
text/javascript 43.152.28.37

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js
Requested by: Host: vm.gtimg.cn
URL: https://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.28.37 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: 1d3877307b44c0898e5eb8e51f862249958fe6411ee86f36640387f622c104ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 11 May 2023 19:34:26 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-cos-request-id: NjQ1ZDQzNDJfZWI4ZDNjMGJfMWRhN2NfMTE0M2Y1MzY=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9503
x-cos-hash-crc64ecma: 5574060019002018929
last-modified: Tue, 13 Dec 2022 14:47:32 GMT
server: tencent-cos
etag: "78ce85cf25b73a3e634dcbf283f5c4bd"
vary: Origin
content-type: text/javascript
access-control-expose-headers: *
access-control-allow-credentials: true
x-nws-log-uuid: 1456416833249029137
accept-ranges: bytes

GET
H2 200 k0941fyavug_hz.jpg
puui.qpic.cn/vpic_cover/k0941fyavug/ Frame D4E2 67 KB
67 KB 1635ms
1335ms Image
image/jpeg 2.16.241.10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://puui.qpic.cn/vpic_cover/k0941fyavug/k0941fyavug_hz.jpg
Requested by: Host: v.qq.com
URL: https://v.qq.com/txp/iframe/player.html?vid=k0941fyavug&autoplay=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.10 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1838fbffa5fb45afd2d86a3f7249de94597385fa919dbe2f254eca69e7836181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-datasrc: 7
date: Thu, 18 May 2023 19:06:55 GMT
last-modified: Fri, 18 Mar 2022 21:19:06 GMT
x-reqid: MTY4NDQzNjgxNF8wXzc2NTM4MTdCREI2RjQ5M0I4RjNEMjE2MTE3NUZDNTlG
etag: "0af41cebc499003254774a1ff13cdee6d61a5a8c"
vary: Accept
content-type: image/jpeg
x-delay: 19657 us
size: 68500
access-control-allow-origin: *
cache-control: max-age=2591988
x-rtflag: 1
timing-allow-origin: *
content-length: 68500
x-info: real data

GET
H2 200 kv
h.trace.qq.com/ Frame D4E2 2 B
84 B 1333ms
199ms Image
image/gif 240e:e9:6003:211::113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.trace.qq.com/kv?attaid=01600067755&token=1774713244&topUrl=https%3A%2F%2Fv.qq.com%2Fiframe%2Fplayer.html%3Fvid%3Dk0941fyavug%26auto%3D0&iframeUrl=https%3A%2F%2Fv.qq.com%2Ftxp%2Fiframe%2Fplayer.html%3Fvid%3Dk0941fyavug%26autoplay%3Dfalse&oldPlayer=0&topDomain=v.qq.com&_dc=0.763891108049634
Requested by: Host: v.qq.com
URL: https://v.qq.com/txp/iframe/player.html?vid=k0941fyavug&autoplay=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:e9:6003:211::113 -, , ASN (),
Reverse DNS
Software: Trpc httpd /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:55 GMT
server: Trpc httpd
content-length: 2
content-type: image/gif

OPTIONS v2_upload
otheve.beacon.qq.com/analytics/ Frame 0
0

POST v2_upload
otheve.beacon.qq.com/analytics/ Frame D4E2 0
0

OPTIONS v2_upload
otheve.beacon.qq.com/analytics/ Frame 0
0

POST v2_upload
otheve.beacon.qq.com/analytics/ Frame D4E2 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 60ms
59ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1143dd48b1cc2c4066be7babe4e7507641cb9212b21650dc670508fcac87c420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11218
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jita.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 May 2023 19:06:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 828D 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jita.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 18:05:24 GMT
expires: Fri, 17 May 2024 18:05:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D9D7 783 B
535 B 20ms
19ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8f2b4ab5a0e2c2596d391cbe7f753c381ed3324aaacb080501c8027b11fec9a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IMrs7r9b4xW3OBzXNd2yEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jita.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-IMrs7r9b4xW3OBzXNd2yEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 19:06:55 GMT
expires: Thu, 18 May 2023 19:06:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 828D 37 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 18:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 May 2024 18:27:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D9D7 0
0 43ms
42ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=3294197317033235&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 828D 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WcUmtw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:06:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: otheve.beacon.qq.com
URL: https://otheve.beacon.qq.com/analytics/v2_upload?appkey=0WEB0QEJW44KW5A5

Domain: otheve.beacon.qq.com
URL: https://otheve.beacon.qq.com/analytics/v2_upload?appkey=0WEB0QEJW44KW5A5

Domain: otheve.beacon.qq.com
URL: https://otheve.beacon.qq.com/analytics/v2_upload?appkey=0AND0F8T5N4N7QT0

Domain: otheve.beacon.qq.com
URL: https://otheve.beacon.qq.com/analytics/v2_upload?appkey=0WEB0QEJW44KW5A5

Domain: otheve.beacon.qq.com
URL: https://otheve.beacon.qq.com/analytics/v2_upload?appkey=0WEB0QEJW44KW5A5

Domain: otheve.beacon.qq.com
URL: https://otheve.beacon.qq.com/analytics/v2_upload?appkey=0AND0F8T5N4N7QT0

Domain: otheve.beacon.qq.com
URL: https://otheve.beacon.qq.com/analytics/v2_upload?appkey=0AND0F8T5N4N7QT0

Domain: otheve.beacon.qq.com
URL: https://otheve.beacon.qq.com/analytics/v2_upload?appkey=0AND0F8T5N4N7QT0

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 4fv9o9zqtDE
.youtube.com/	1970-01-20 16:13:08	Name: VISITOR_INFO1_LIVE Value: SMcjBXoYuqc
.jita.fun/	1970-01-20 21:15:32	Name: __gads Value: ID=28809603540a9a57-221e3243dddd00cd:T=1684436809:RT=1684436809:S=ALNI_MZ7wtOgAsPSL7mJlMdvm8wXgll00A
.jita.fun/	1970-01-20 21:15:32	Name: __gpi Value: UID=00000c1756b224a7:T=1684436809:RT=1684436809:S=ALNI_Mb5-973Qega76kS3buUaP3gMRwIgA
jita.fun/	1969-12-31 23:59:59	Name: __tins__21283137 Value: %7B%22sid%22%3A%201684436809700%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201684438609700%7D
jita.fun/	1969-12-31 23:59:59	Name: __51cke__ Value:
jita.fun/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
jita.fun/	1970-01-20 21:25:37	Name: __atuvc Value: 1%7C20
jita.fun/	1970-01-20 11:53:58	Name: __atuvs Value: 646677486fc9baae000
.addthis.com/	1970-01-20 21:25:37	Name: uvc Value: 1%7C20
.addthis.com/	1970-01-20 21:25:37	Name: loc Value: MDAwMDBFVVJPMEIyMjQ1MjA2MTAwMDAwMDBDSA==
.doubleclick.net/	1970-01-20 21:15:32	Name: IDE Value: AHWqTUkQoxizraa2lFl9jI0M66iiTSX7u10N1UV9VU1DAQLFIDIWTqZgKfRTCtX-JIA
.doubleclick.net/	1970-01-20 11:54:00	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-20 20:40:59	Name: suid Value: D9A41ABBDBD54F4D86BEB7FB96A2A16F
.casalemedia.com/	1970-01-20 20:39:32	Name: CMID Value: ZGZ3SxUNNsX4oXTKw2xsJgAA
.casalemedia.com/	1970-01-20 14:03:32	Name: CMPS Value: 1166
.casalemedia.com/	1970-01-20 14:03:32	Name: CMPRO Value: 1166
.bidswitch.net/	1970-01-20 20:39:32	Name: tuuid Value: 5d5f08eb-63e5-460e-8f39-d175919354db
.bidswitch.net/	1970-01-20 20:39:32	Name: c Value: 1684436811
.bidswitch.net/	1970-01-20 20:39:32	Name: tuuid_lu Value: 1684436811
.pubmatic.com/	1970-01-20 11:55:23	Name: KTPCACOOKIE Value: YES
.bidswitch.net/	1970-01-20 11:53:57	Name: google_push Value: ATf1kGP1DV5BzwyQC7EGXK86w5NOyfRTibJFotxrIIbDNROMC_Gqa-4UHY05H352_8qLOljhhStm-Lua6CxtlKo609VybKOb6wgrBq4
.pubmatic.com/	1970-01-20 20:39:32	Name: KADUSERCOOKIE Value: 5F09D68D-BAAA-4465-BB5D-1270085DB8E5

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://jita.fun/18770.html Message: Mixed Content: The page at 'https://jita.fun/18770.html' was loaded over HTTPS, but requested an insecure element 'http://jita.fun/wp-content/themes/z403/img/avatar-default.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jita.fun/18770.html Message: Mixed Content: The page at 'https://jita.fun/18770.html' was loaded over HTTPS, but requested an insecure element 'http://jita.fun/wp-content/themes/z403/img/avatar-default.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jita.fun/18770.html(Line 268) Message: Mixed Content: The page at 'https://jita.fun/18770.html' was loaded over HTTPS, but requested an insecure element 'http://jita.fun/wp-content/themes/z403/img/avatar-default.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jita.fun/18770.html(Line 428) Message: Mixed Content: The page at 'https://jita.fun/18770.html' was loaded over HTTPS, but requested an insecure element 'http://jita.fun/wp-content/themes/z403/img/avatar-default.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
beacon.cdn.qq.com
cm.g.doubleclick.net
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.trace.qq.com
i.ytimg.com
ia.51.la
image6.pubmatic.com
jita.fun
jnn-pa.googleapis.com
js.users.51.la
m.addthis.com
match.adsrvr.org
otheve.beacon.qq.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
puui.qpic.cn
s7.addthis.com
ssum-sec.casalemedia.com
static.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
v.qq.com
vm.gtimg.cn
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
z.moatads.com
otheve.beacon.qq.com
s7.addthis.com
103.143.19.103
104.111.217.42
104.149.199.150
104.75.88.126
142.250.186.130
15.197.193.217
18.194.246.231
185.80.39.216
198.47.127.19
2.16.241.10
23.201.243.171
23.32.185.123
2408:8779:c001:3:70::17
240e:e9:6003:211::113
2a00:1450:4001:801::2002
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2016
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
35.204.74.118
43.152.28.37
69.173.144.138
002cead02c391d10051d6534d57766dec9d645e09a6b59f34926b6080c9adb83
008b6a8a0b0be6634ac238c9e25699fc29d68040705512053a26a91883494e55
009f296a48b6d964926b0a91818de7327f057084f9d70f148b5d73e75d2b4c02
04f9109292d220ae6c729aad196eca83079bef6c4b381d7676f56062dbc11535
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0b77c380e7d389e6e0eeda4a962d1ba2f918bc548d5a415aba7fffb717ba58cd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e97e93ffbad3875b9daadc51b683d156a4bbc4ef9f67c723e0f44d7310207b5
0fcee9385106427a0947b47dcdc6638d1a25b63f2d3c7d132c348e66dccb4b0d
1143dd48b1cc2c4066be7babe4e7507641cb9212b21650dc670508fcac87c420
142a95ba46d724c01c9441a0f9348cc77e5ac518ca60f817c73f555c04681b32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1838fbffa5fb45afd2d86a3f7249de94597385fa919dbe2f254eca69e7836181
18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6
18d9e5f4b5b216855d3a01e8b0d2cb7c0381b910898b3e7c585ae50b1168c08b
1a67d91294fefed7bff63e213bee679dcf1cf7a06113378ff9057d95d650ec54
1b63b0ea987e294e1493b6c26ee9fc9f49580d98f3a1911ce3136ecd809778d0
1d3877307b44c0898e5eb8e51f862249958fe6411ee86f36640387f622c104ac
1d9bb05a5612619a97873b9611b4503e638179154d7bfc773e86eab8c49f2ad3
1e1337d9961eba1b4225b03905a296caf8bd58227f26662a9da5107536c5fcf5
1fed64c664acd76b9fbf137243d5c673087a5cb14450ee73f3e796cc34a2dee3
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
25fa2cee05167f457e3323a272ca9fd9b40654a45d0d9e9c2a535028afd1b27a
29814d5c69af77f80a47ef14d9a05f25d50e63baf4c1e5d63833a23fcd636d07
29a55024d9e8b48d3399eaf5fb99713b64667c94f5e57bf42ef67a814360fce8
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
2b28e34d1a077fd6974e5291a14661a4fa3a4ee139121ffca55b81f8e68fb3b6
2b36cbf61a4ac4abe4d6d04bdb9f95094f9159f26b6163ba06f675b1030a024b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3d56d456b255b2b7b9e94d5afe2b00d82885ab505fdc0894af72281d38c6ba10
3d67073fcf4dd42ef33110ab0f6fa4fd3205bc6d9cbb4498cbccb0842ca9afe7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40488823bd3cf755729a7b5fc0f195e6ea5fb0556a6cc79d22b431e9d2328e91
410cc6faee28b2454b0489f76fabf3d18de600af70da9239122ebf4e876ed7f5
4271487e1c6e4fe65588fe855f58dbd4005b5d1c60620487e28f009a20d69b72
43d99b78f3bf4417e436a6b9c2e09756858c1f39455a2735c2392f1f25438ba5
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b1b790b541aea6f5ab109ba3b2e2b1ae4d5886e5ab23d34e19cad45fb5f6449
50ae8f6901f4dc33efcb03726f510bcd758ee6d9ea91903261caa4e665c6323f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b430be7474d67af29a2b036fe83c807d997737dce3c116eb2f76323b7f1794f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6912d5fbc44543b6a5407642aa4d388c1b46973053049b6786f2e905ad6ac3b6
694afccaa98b7ee124a01bfbb0d214649198ccb5f4f61d3e5dbd3f47bf208bf3
695413a95b1e067e4f24fa8a90b9b201bb3bac60c3c9601a7c3678911ec34b83
6ecf132c0925664b0fd4018d43fbe34a96c9bc96c2243a4e6873f868cf4406bf
74268757077ed49e6e1a876dc9c52b7be321dddbd3f125a74ffe6a081efaa548
74d665254dd14619c93b2070287ba14b7a17d8ef4a13515a1e0fad7baffa8705
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
7649147a25ed7c66c46fb8e223767423297d20fb8117d88d407a7dad093afc95
77745fdad8e78d2861218f262731401ce09b8ddad209cf8c9a67708b9ee1fe88
77c1abf8df498bcd9e3dabbc1e8c816b49938b953d95cc6c8aaf71e1da37f08f
77c40528087017be7c9eee276c5b0aace26d7ba0535848f2b18fba49cf784bbc
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7cf5f97c15788cb57fb0628b699ea8c167fe1ccd4a5f12c88f10cae02515c9ef
7dc4ad821e2c98e7c031cf480de481b35f640f5675a7bda45d2450e3afc29894
7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8
86404468f48d96df16d50c315ec1c872982f83470b550016719fbb3caf717caf
883b61a0129a1c642102f5710a0366aedd0492e9e07b42e9d3f3c1136fc5ecf2
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2f65b3e8cebe69f6578a5f009f158351eebacc290711aef475e6aeaa3e7cff
8f2b4ab5a0e2c2596d391cbe7f753c381ed3324aaacb080501c8027b11fec9a8
956f251a2eb1314a8f7f3ed140c4e9f5e7f3eb8f27602cafcd5dd79f7cf8a1aa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9df11387e0ac6fb4cfd8f641ae448fd091209a7bdd70a783e581d6478894810f
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9f8cb8f6f8282e07c598adfd8e128f381dfa7b596354a6098cf7e759a9d48848
a0cc4c375abef624785e18452bc1d894418ad3bf04d8d4e0770720b08e43f5b8
a33ddfa8b452dd519607f20de01e163eddb4465b42e1d89ee313852c520a8902
a49547d3c7f0ff51d10030978f69f325c542a0f9fd29c7be74921673e13f796a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c165a38c11154f05817d0a00c426210954c11b97674bd3057815b13421e087
aa8319f3e74cc10bc64e4c9c95246cd4e5188a714a3ddcb3629150af79cbc439
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1d64161ed975740db4438102f9e93087dddf6c5d0f1868489c88688230a03ca
b2074347f4448eedf996fdf84decc85e175636e8323e5e0abb215328ed7537a8
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
be5fced7e00a902b33a642102842498f1fb405465db2d12004229d29d6771a24
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
c99248e8ffc0a48019fd68f96b9703c0f73eb2f82b9c00957a12b2e5bffd61a3
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d33faec85605392d3a462c18a49f06e001d2f5b2232981aff9e2a0e69e9ea0e3
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d5fd8af6eb018c09e73c831a400d4c52f227685baa6f44f8636c1f76eb9c0fcf
d6da2fde653dd2d4d5e7e91e84175e7f5e7ed32ca933b36a4a8041566a2f7b9f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d833e81b81cbcea374246f4da8067182339dc727b92635eff522f26d77daec30
d8f416d1eaba66983deb862a842a1d11d7e94df04a0222900b3519c201495e43
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
e02746476999ec30ba8042625cd59a101388932e9689c56cf10bcfa694b147ac
e22ec37bee291cad9e73a17c49e05e4bc5a79e4f1a7593988c48e52b0a7a7cb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6ce0c27bd6342bab39da0d3beac1091655a56fa46f0c065397c890e5d2c7e0
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd3e16e953ba63d5b32519c813e693198c9c6ed31e29d26b232a2d64045a2e8
f12a652080b9b291fa78c8b0d8158b358668b56f2f01e2221c7e1ea95eafcb6e
f36b41d981f5f570a437ec2c905ac8d3a320a6a4ceeba82e1ad1d293d0626e5a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

jita.fun Open in urlscan Pro 104.149.199.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

149 Requests

89 %HTTPS

59 %IPv6

25 Domains

40 Subdomains

33 IPs

5 Countries

3526 kBTransfer

8728 kBSize

23 Cookies

15 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jita.fun Open in urlscan Pro
104.149.199.150 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

89 %
HTTPS

59 %
IPv6

25
Domains

40
Subdomains

33
IPs

5
Countries

3526 kB
Transfer

8728 kB
Size

23
Cookies

149 HTTP transactions
8 data transactions