Submitted URL: https://www.jnt.trackingresi.com/
Effective URL: https://jnt.trackingresi.com/
Submission: On July 03 via automatic, source certstream-suspicious — Scanned from SG

Summary

This website contacted 11 IPs in 3 countries across 6 domains to perform 36 HTTP transactions. The main IP is 45.76.146.46, located in Singapore, Singapore and belongs to AS-CHOOPA, US. The main domain is jnt.trackingresi.com.
TLS certificate: Issued by R10 on July 2nd 2024. Valid for: 3 months.
This is the only time jnt.trackingresi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 45.76.146.46 20473 (AS-CHOOPA)
2 104.17.24.14 13335 (CLOUDFLAR...)
5 64.233.170.155 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
9 172.217.194.157 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
9 142.251.12.101 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 172.217.194.132 15169 (GOOGLE)
1 142.251.12.105 15169 (GOOGLE)
36 11
Apex Domain
Subdomains
Transfer
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744
www.google.com — Cisco Umbrella Rank: 5
75 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
297 KB
5 trackingresi.com
www.jnt.trackingresi.com
jnt.trackingresi.com
57 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
82 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 469
33 KB
36 6
Domain Requested by
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 pagead2.googlesyndication.com jnt.trackingresi.com
pagead2.googlesyndication.com
4 jnt.trackingresi.com jnt.trackingresi.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 cdnjs.cloudflare.com jnt.trackingresi.com
cdnjs.cloudflare.com
1 www.google.com tpc.googlesyndication.com
1 ajax.googleapis.com jnt.trackingresi.com
1 www.jnt.trackingresi.com 1 redirects
36 9

This site contains links to these domains. Also see Links.

Domain
twitter.com
Subject Issuer Validity Valid
jnt.trackingresi.com
R10
2024-07-02 -
2024-09-30
3 months crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
*.g.doubleclick.net
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
upload.video.google.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
*.google.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh

This page contains 12 frames:

Primary Page: https://jnt.trackingresi.com/
Frame ID: A3DD9923D4C99578D467BB9D3EAE5240
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Frame ID: 8E4792F84DE13B54845579AC28F9B4E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=962360510&adf=1839787983&pi=t.ma~as.4379732321&w=998&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042978&rafmt=1&format=998x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978876&bpp=5&bdt=102&idt=72&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=3731335259902&frm=20&pv=2&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=101
Frame ID: 5DCA9EC6B28030E278AE63A74D0C56FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=2824717477&pi=t.ma~as.4379732321&w=998&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042979&rafmt=1&format=998x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978881&bpp=1&bdt=107&idt=119&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=127
Frame ID: 233AF33BE368CADDE5B5B33FF599F180
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042979&rafmt=1&format=460x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978882&bpp=1&bdt=108&idt=135&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280%2C998x280&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=140
Frame ID: 2BBA177752789943E1440EEE86BC8BFA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2372033063&adf=2488844052&pi=t.ma~as.4379732321&w=475&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042979&rafmt=1&format=475x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978883&bpp=1&bdt=109&idt=147&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280%2C998x280%2C460x280&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=791&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=149
Frame ID: 2DECC7A2C20CFD3E91EC5B210183B240
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042979&rafmt=1&format=998x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978884&bpp=1&bdt=110&idt=157&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=159
Frame ID: D67E6B73AAD845DCA0BE57B6F63F9DDB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=962360510&adf=1171094417&pi=t.ma~as.4379732321&w=998&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042979&rafmt=1&format=998x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978885&bpp=1&bdt=111&idt=166&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280%2C998x280&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=168
Frame ID: 13C85E32D487E3FB73958B88282AC987
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1720042979&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fjnt.trackingresi.com%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_4&aiixl=30_6~27_3&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978886&bpp=2&bdt=112&idt=174&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280%2C998x280%2C998x280&nras=1&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fsapi=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=7&uci=a!7&fsb=1&dtd=188
Frame ID: 055A8082858E56815FF1181398F7D728
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Frame ID: 9F4A87D7751BE819C7B41977C6D25C22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6584311843D382C1DDBA83B8AC139C6E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2B449743117A2F9CA1E5D9EB8EB486AA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Tracking resi J&T Express | Lacak paket & cek resi

Page URL History Show full URLs

  1. https://www.jnt.trackingresi.com/ HTTP 301
    https://jnt.trackingresi.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

97 %
HTTPS

30 %
IPv6

6
Domains

9
Subdomains

11
IPs

3
Countries

544 kB
Transfer

1478 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.jnt.trackingresi.com/ HTTP 301
    https://jnt.trackingresi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
jnt.trackingresi.com/
Redirect Chain
  • https://www.jnt.trackingresi.com/
  • https://jnt.trackingresi.com/
67 KB
10 KB
Document
General
Full URL
https://jnt.trackingresi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.146.46 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.146.46.vultrusercontent.com
Software
nginx /
Resource Hash
047eac1111f1b9a21cc00385f8e8ff82cf00d0f92324b71977771cda09aebd58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 03 Jul 2024 21:42:58 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
162
content-type
text/html
date
Wed, 03 Jul 2024 21:42:58 GMT
location
https://jnt.trackingresi.com/
server
nginx
base2.css
jnt.trackingresi.com/assets/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://jnt.trackingresi.com/assets/css/base2.css
Requested by
Host: jnt.trackingresi.com
URL: https://jnt.trackingresi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.146.46 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.146.46.vultrusercontent.com
Software
nginx /
Resource Hash
52b141d36a96723901d2a05d4629ba5607ffdd6b0deb6af42e4d1c2c06606566

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:42:58 GMT
content-encoding
gzip
last-modified
Fri, 08 Oct 2021 14:32:59 GMT
server
nginx
etag
W/"6160569b-3ce0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
expires
Thu, 03 Jul 2025 21:42:58 GMT
logo.png
jnt.trackingresi.com/assets/img/
9 KB
9 KB
Image
General
Full URL
https://jnt.trackingresi.com/assets/img/logo.png
Requested by
Host: jnt.trackingresi.com
URL: https://jnt.trackingresi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.146.46 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.146.46.vultrusercontent.com
Software
nginx /
Resource Hash
ba23959957d961e0c4527a769b2249a6f37e247c1da3412d2eb5c9060062d535

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:42:58 GMT
last-modified
Thu, 16 Jan 2020 15:09:13 GMT
server
nginx
etag
"5e207c99-24f8"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
9464
expires
Thu, 03 Jul 2025 21:42:58 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: jnt.trackingresi.com
URL: https://jnt.trackingresi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1381062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0tqT4m25X2ZvgGTgv2C2uLKMD1s7n2Sd9RbwjYDv23TpNWHfcKAzuYc3eU%2BzicyE2lYKai9OE9Hh27dmmiGJuydXV1hgNSf5OBhpCyNMLM7D4RnhsfK49eKeXy5RvjITTJDBzOK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89da0c697d884090-SIN
expires
Mon, 23 Jun 2025 21:42:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
160 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: jnt.trackingresi.com
URL: https://jnt.trackingresi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
b61a6cf3c2fc37d202d6dcd744218878c94f099176b9234b6fa35acf45eebcb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Origin
https://jnt.trackingresi.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52928
x-xss-protection
0
server
cafe
etag
9981345423024958842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 03 Jul 2024 21:42:58 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: jnt.trackingresi.com
URL: https://jnt.trackingresi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Jul 2025 15:06:12 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://jnt.trackingresi.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:42:58 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
175779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOQB4e0HxBGsaI%2BZ5c1c5huf4qoeLqP4mieIuidZX6H6IBEJ%2F%2BsmDBB6occtmhHpPdQSFfdnKjYK9G6BD3QBp3BPx8Ggy5oVDVNHYuxyJKvGPIMYnU2SD7Aw4y2tJfj8gOpllP6a"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89da0c69dd9889be-SIN
expires
Mon, 23 Jun 2025 21:42:58 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/
425 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
4130c8ca4e4ece2cf801b4d5a43d38522d192e41ab92cec922a7a0ce23a2ed91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146844
x-xss-protection
0
server
cafe
etag
6751556331979692892
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Jul 2024 21:42:58 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/ Frame 8E47
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
22663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 15:25:16 GMT
etag
2738592464165616
expires
Wed, 17 Jul 2024 15:25:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5DCA
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=962360510&adf=1839787983&pi=t.ma~as.4379732321&w=998&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042978&rafmt=1&format=998x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978876&bpp=5&bdt=102&idt=72&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=3731335259902&frm=20&pv=2&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
409
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 21:42:59 GMT
expires
Wed, 03 Jul 2024 21:42:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 233A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=2824717477&pi=t.ma~as.4379732321&w=998&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042979&rafmt=1&format=998x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978881&bpp=1&bdt=107&idt=119&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=127
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40689
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 21:42:59 GMT
expires
Wed, 03 Jul 2024 21:42:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2BBA
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042979&rafmt=1&format=460x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978882&bpp=1&bdt=108&idt=135&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280%2C998x280&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44757
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 21:42:59 GMT
expires
Wed, 03 Jul 2024 21:42:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2DEC
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2372033063&adf=2488844052&pi=t.ma~as.4379732321&w=475&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042979&rafmt=1&format=475x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978883&bpp=1&bdt=109&idt=147&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280%2C998x280%2C460x280&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=791&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=149
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40657
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 21:42:59 GMT
expires
Wed, 03 Jul 2024 21:42:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D67E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042979&rafmt=1&format=998x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978884&bpp=1&bdt=110&idt=157&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42660
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 21:42:59 GMT
expires
Wed, 03 Jul 2024 21:42:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 13C8
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=962360510&adf=1171094417&pi=t.ma~as.4379732321&w=998&abgtt=3&fwrn=4&fwrnh=100&lmt=1720042979&rafmt=1&format=998x280&url=https%3A%2F%2Fjnt.trackingresi.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978885&bpp=1&bdt=111&idt=166&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280%2C998x280&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 21:42:59 GMT
expires
Wed, 03 Jul 2024 21:42:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 055A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1720042979&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fjnt.trackingresi.com%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_4&aiixl=30_6~27_3&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720042978886&bpp=2&bdt=112&idt=174&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280%2C998x280%2C998x280&nras=1&correlator=3731335259902&frm=20&pv=1&ga_vid=1102357598.1720042979&ga_sid=1720042979&ga_hid=554985653&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95334508%2C95334528%2C95334564%2C95334571%2C95335888%2C31084996%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2430007519727341&tmod=1117136261&uas=0&nvt=1&fsapi=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=7&uci=a!7&fsb=1&dtd=188
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
56305
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 21:42:59 GMT
expires
Wed, 03 Jul 2024 21:42:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/
170 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/reactive_library_fy2021.js?bust=31084996
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
a0373841a1de6cbbcd31031ea403989164d357fdc02953d1e426ab8360c258ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:42:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58659
x-xss-protection
0
server
cafe
etag
839782586226096870
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Jul 2024 21:42:59 GMT
ca-pub-3799434046416860
fundingchoicesmessages.google.com/i/
199 KB
66 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3799434046416860?href=https%3A%2F%2Fjnt.trackingresi.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
16a8dbe6087111b89fc40d2050cc01854648d72fb7de53f28de3bf31d2f74902
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DMca5hlY1fridLh9JkjBjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:42:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-DMca5hlY1fridLh9JkjBjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmJw1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLheNw9fQubwI-1ixqZlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzA0M9QzM4wsMAO5OObg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUrIM_GtMu9rQOYrbYtIizGCgBs490pl4V3jhdqsbJ6190hhRLrzLD2YFltI0ggK-O6YZAj92vy7nenltgyyaFww_wPNj1VHxm1IMWHeQkrrPs0G6m5muEksMW2mZAeNwFBaiftPQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUrIM_GtMu9rQOYrbYtIizGCgBs490pl4V3jhdqsbJ6190hhRLrzLD2YFltI0ggK-O6YZAj92vy7nenltgyyaFww_wPNj1VHxm1IMWHeQkrrPs0G6m5muEksMW2mZAeNwFBaiftPQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwMDQyOTc5LDYwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9qbnQudHJhY2tpbmdyZXNpLmNvbS8iLG51bGwsW1s4LCJLcHdXOEJUNXhDSSJdLFs5LCJlbi1HQiJdLFsxOCwiW1tbMF1dXSJdLFsyMiwiZmFsc2UiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ebeb8d042e8f38b26d4b693c1826c32758b9a32b52aab117d7863b42e62b7bc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_BRSrwhSfPE2tma7-Dh62w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:42:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_BRSrwhSfPE2tma7-Dh62w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1JBiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYg_Pz7H-huIk_6dZy0B4iURF1mPJF5kPfj4IutJIBbi4XjcPX0Lm8CJuU2rmZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDMwNDPUMzOMLDACPPz6S"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/ Frame 9F4A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
22663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 15:25:16 GMT
etag
2738592464165616
expires
Wed, 17 Jul 2024 15:25:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVLtUUClPgjPTNfEWHwmwwaeRiPBA2WKWh71qaR4VveSkMrdvvbWC1ycgbXoo3vM8DhBhhnB0tSWfVEDwsQLJQfNcSgQLXBXUKldr62mnHyCG1pLeg8-m8OZwfqW-OVa-x2fyNmCw==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVLtUUClPgjPTNfEWHwmwwaeRiPBA2WKWh71qaR4VveSkMrdvvbWC1ycgbXoo3vM8DhBhhnB0tSWfVEDwsQLJQfNcSgQLXBXUKldr62mnHyCG1pLeg8-m8OZwfqW-OVa-x2fyNmCw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwMDQyOTc5LDY0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuLUdCIl0sImh0dHBzOi8vam50LnRyYWNraW5ncmVzaS5jb20vIixudWxsLFtbOCwiS3B3VzhCVDV4Q0kiXSxbOSwiZW4tR0IiXSxbMTgsIltbWzBdXV0iXSxbMjIsImZhbHNlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
ESF /
Resource Hash
49da728cd4bf11f7f65d09af9ddf3451a6bc401832897246d7b5deec2cdc55ed
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jmJ4r_p8wL2U4IQ4XIO4Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:42:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jmJ4r_p8wL2U4IQ4XIO4Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLheNw9fQubwIaTx3YxKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBsY6hmYxxcYAAD40jnu"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
exbl.min.js
fundingchoicesmessages.google.com/f/AGSKWxV12I50FiDPEgdKp_D1zr0IZ3mzDjcMzL2d0bte7N3D_MtioV3qJd8ANqgrb1CDwr5CoyOOI_l7EaGqPJcANKFf-i3A6TaX2NuZgp4WQFuZwQ0Gx7POr5CAqsbCRbu7sjObmQ3MJtiaJvfY5bD24nx9DrwgQ...
54 B
108 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV12I50FiDPEgdKp_D1zr0IZ3mzDjcMzL2d0bte7N3D_MtioV3qJd8ANqgrb1CDwr5CoyOOI_l7EaGqPJcANKFf-i3A6TaX2NuZgp4WQFuZwQ0Gx7POr5CAqsbCRbu7sjObmQ3MJtiaJvfY5bD24nx9DrwgQSn88n4bIUydgS3UoRSOXDzapVXfm3XO/_/quadadvert./exbl.min.js?_video_ads_/ad_top.-ad-ero-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMy5mJmlQc8QwxD-R7W4YEnGBd6VBg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
ESF /
Resource Hash
cd3901225de8a5c92fbd3b61d811492b2d8dbc683634dbd192222a863257b45f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5I_xp9qk6yAdk3F5PuzUMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:43:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-5I_xp9qk6yAdk3F5PuzUMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLheNI9fQubwIdL95sZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzA0M9QzM4wsMAANKOh0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/
68 KB
25 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMy5mJmlQc8QwxD-R7W4YEnGBd6VBg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
aff29bea3eb01d73c6f9b5b41867f0d3a9cec6204e88822a99dd6fdbbcc34e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:28:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
862
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25678
x-xss-protection
0
server
cafe
etag
6704855416901562528
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Jul 2024 22:28:38 GMT
AGSKWxX6r0hfVs6A93s_VeDh0mM2Gxv4DAKp3P39pb6WHckQvcuS5SY1ctw7EPjsPABn9OP4RszeO30ESRnoS8ZctGFm6JSbovsbns9i1DfjY_iK0iVI0LYex5-A0SC1EUscy395O2O-vA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX6r0hfVs6A93s_VeDh0mM2Gxv4DAKp3P39pb6WHckQvcuS5SY1ctw7EPjsPABn9OP4RszeO30ESRnoS8ZctGFm6JSbovsbns9i1DfjY_iK0iVI0LYex5-A0SC1EUscy395O2O-vA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dFzit8DVxwWTUNMj40UTuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Jul 2024 21:43:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dFzit8DVxwWTUNMj40UTuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEw_Gke_oWNoEHsz91MCq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwNzA0M9A_P4AgMAUaUryA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://jnt.trackingresi.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX6r0hfVs6A93s_VeDh0mM2Gxv4DAKp3P39pb6WHckQvcuS5SY1ctw7EPjsPABn9OP4RszeO30ESRnoS8ZctGFm6JSbovsbns9i1DfjY_iK0iVI0LYex5-A0SC1EUscy395O2O-vA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX6r0hfVs6A93s_VeDh0mM2Gxv4DAKp3P39pb6WHckQvcuS5SY1ctw7EPjsPABn9OP4RszeO30ESRnoS8ZctGFm6JSbovsbns9i1DfjY_iK0iVI0LYex5-A0SC1EUscy395O2O-vA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-p1NoDXA7PmjLGJjK_9772Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Jul 2024 21:43:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-p1NoDXA7PmjLGJjK_9772Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEw_Gke_oWNoEH3TN6GJVckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiYG5gaGegXl8gQEAOUsrbQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://jnt.trackingresi.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX6r0hfVs6A93s_VeDh0mM2Gxv4DAKp3P39pb6WHckQvcuS5SY1ctw7EPjsPABn9OP4RszeO30ESRnoS8ZctGFm6JSbovsbns9i1DfjY_iK0iVI0LYex5-A0SC1EUscy395O2O-vA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX6r0hfVs6A93s_VeDh0mM2Gxv4DAKp3P39pb6WHckQvcuS5SY1ctw7EPjsPABn9OP4RszeO30ESRnoS8ZctGFm6JSbovsbns9i1DfjY_iK0iVI0LYex5-A0SC1EUscy395O2O-vA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ctCCf0HJyLonio50iH4xxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Jul 2024 21:43:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ctCCf0HJyLonio50iH4xxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEw_Gke_oWNoEPl_b1MSq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwNzA0M9A_P4AgMAW0cr5g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://jnt.trackingresi.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX6r0hfVs6A93s_VeDh0mM2Gxv4DAKp3P39pb6WHckQvcuS5SY1ctw7EPjsPABn9OP4RszeO30ESRnoS8ZctGFm6JSbovsbns9i1DfjY_iK0iVI0LYex5-A0SC1EUscy395O2O-vA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX6r0hfVs6A93s_VeDh0mM2Gxv4DAKp3P39pb6WHckQvcuS5SY1ctw7EPjsPABn9OP4RszeO30ESRnoS8ZctGFm6JSbovsbns9i1DfjY_iK0iVI0LYex5-A0SC1EUscy395O2O-vA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LbtkEh-KRiHV0vuelLLidQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Jul 2024 21:43:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-LbtkEh-KRiHV0vuelLLidQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEw_Gke_oWNoEd6172Myq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwNzA0M9A_P4AgMAUBIrvQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://jnt.trackingresi.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX9YvI4uPC8m2voP3pVGx44Sji9ku0YRtF9dhsi38g1ZLNsr8_jJbdCFmhoqw5ZEIguGakpk6QsdiI0KrMqrzP4H0HRM_bk03VDtaWxYS5NERXT9pS7SdZfgFVuaimTgM-YKj_12g==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX9YvI4uPC8m2voP3pVGx44Sji9ku0YRtF9dhsi38g1ZLNsr8_jJbdCFmhoqw5ZEIguGakpk6QsdiI0KrMqrzP4H0HRM_bk03VDtaWxYS5NERXT9pS7SdZfgFVuaimTgM-YKj_12g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwMDQyOTgwLDI5MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4tR0IiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9qbnQudHJhY2tpbmdyZXNpLmNvbS8iLG51bGwsW1s4LCJLcHdXOEJUNXhDSSJdLFs5LCJlbi1HQiJdLFsxOCwiW1tbMF1dXSJdLFsyMiwiZmFsc2UiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
ESF /
Resource Hash
a32d6f210fa8dc23299173fc3a4cfd2e94a0605751625ee7654ea06b4ad78210
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4I5gSG3CKeqLlE6ZAJtxSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:43:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-4I5gSG3CKeqLlE6ZAJtxSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLheNI9fQubwInZS6YyKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBsY6hmYxxcYAADsyjmZ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV3vJasCnvT0mRpkWS26apUwW8EkK8G6l7Nux6K6qk0QTPHpObfuyOc4l6Bp0hIPmjoTY4McPrXV2doNkCczM5MElIz-opLHr2LMeOhYmCAfVRYgl9gj1eWLXOV8RKCtXOJOFpYfg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV3vJasCnvT0mRpkWS26apUwW8EkK8G6l7Nux6K6qk0QTPHpObfuyOc4l6Bp0hIPmjoTY4McPrXV2doNkCczM5MElIz-opLHr2LMeOhYmCAfVRYgl9gj1eWLXOV8RKCtXOJOFpYfg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OlyU2AvDDhG-ykrrXJ1p-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Jul 2024 21:43:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OlyU2AvDDhG-ykrrXJ1p-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEw_Gke_oWNoEDfRvmMCq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwNzA0M9A_P4AgMANnEraw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://jnt.trackingresi.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX6r0hfVs6A93s_VeDh0mM2Gxv4DAKp3P39pb6WHckQvcuS5SY1ctw7EPjsPABn9OP4RszeO30ESRnoS8ZctGFm6JSbovsbns9i1DfjY_iK0iVI0LYex5-A0SC1EUscy395O2O-vA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX6r0hfVs6A93s_VeDh0mM2Gxv4DAKp3P39pb6WHckQvcuS5SY1ctw7EPjsPABn9OP4RszeO30ESRnoS8ZctGFm6JSbovsbns9i1DfjY_iK0iVI0LYex5-A0SC1EUscy395O2O-vA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r7tAbtFLigKuuaKMK-NG0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Jul 2024 21:43:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-r7tAbtFLigKuuaKMK-NG0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEw_Gke_oWNoEJez_MZ1RyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmBoZ6BubxBQYASJ8rrA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://jnt.trackingresi.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240702&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
a4fc91225426ac83a509b1f972234aec543044ecf3f7b7dd9667365e0e51050f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12640
x-xss-protection
0
favicon.ico
jnt.trackingresi.com/
115 KB
34 KB
Other
General
Full URL
https://jnt.trackingresi.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.146.46 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.146.46.vultrusercontent.com
Software
nginx /
Resource Hash
859f5f8011cbb4c7d83b58f829cf192a7b1d17e502fcacc5006c2db658d537cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:43:01 GMT
content-encoding
gzip
last-modified
Thu, 26 Dec 2019 07:45:48 GMT
server
nginx
etag
W/"5e04652c-1cd23"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=31536000, public
expires
Thu, 03 Jul 2025 21:43:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_fy2021.js?bust=31084996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jnt.trackingresi.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:43:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Jul 2024 21:43:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6584
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
130459
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jul 2024 09:28:42 GMT
expires
Wed, 02 Jul 2025 09:28:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2B44
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WhrjhN2q5GLARb8RHTOIug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://jnt.trackingresi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WhrjhN2q5GLARb8RHTOIug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 21:43:01 GMT
expires
Wed, 03 Jul 2024 21:43:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240702&jk=2430007519727341&bg=!HR6lHlHNAAZ5zPvEWcw7ADQBe5WfOI75lRvnkOf4S-DZhrh4NBxylLubeS596vZzKe_DzKT_IcXw1JZZGCaKZpvuPFVlAgAAADpSAAAAA2gBB34ANYI9WbZKjRm2bFB2lercszgUMoao_VPLwzrHQr-rop9kXUIATjthq0dpmK-XjvikWBQZ0IONCgA4AX4OtbV7WD-491ly1OmPRBZQ19T55OKbgwjuB_PS-5OWXbvj4uO7qmBe_lBJI4eMeskXrH_DiGeZAqPItcdl7LZ7VY3KZImdgl6wtxUFUnaXo277eHJOdo_QFThfrGFP_DtrX4e_uWI-7S57Vyry9sNyhG1Q-cXy5pOrKYcUtoxs3GiGEp6B9vYzlQvlDmwp0YunlyB2ZY3yx1PbqOZtnIfY0h7he1hW0w6ih1mjKcdD09fTgHZ_uHi-HvIJQLg4YnMN1GY_jr-Jj3_2FfE9RMLvdsVgqMtsxiaePSpvFeBRyPK_sYjiWUr0ejbMC-rh2E2cfo9_XOjAaF-4SVH7lddgS-Urb5zNWwLmtaxqAtAiBKP_rOOQzrFPfiTRUJBgc6sW3-jGBXz9kc9XFcffygG0jzw2qJc-t99vgxHdWQQQ-gHdYC6duTtgZ5grYeX_rM9DqDaMeemBSKrC6uiTS4ttI6Xcja_pxnSr9aEHY1TGFNzjBNe6_mTlwCDT31M0JVBc1gfER_ji442TV-iayVvZyib-zmOdbk6DAg51Aqv1KZsO36nCx0tGzd3XivcEx6urBvKIVJnhHD4sjBwieQTDQJyuXDNETIfVIubtf44M5olZABYtN72wkBFJk6HD2PrZ5m7EkizZUiGJ7m0XjssiiZb6l2cwuTPYGsh0Ri6qILi7wrQrcSyrHVnexrG-k7T6I13YSfBfa79ZAXmFwPmdnebfbTWLHrnF8teL2URLW1Z45dZX2pNR1cK20vTAw9gyzpDioEZxI6kdjqprG4ozuPGqJZd6VGfnGhL1Xf5tiusxQXEvPf-vD4ur3k3m2pIxv_avtUKQJK892VnAr_GE8J9v7AP9vzoxGJIEnWyub7A-vF7Y3Wa3fR2q20MSsi9qLx9kMXDWzcGe72bGpnRsV-kN0HXg8QWpi_ekq3ONhSaz7EX_YgT7KLsv6IMDdMMfFfIs1I6_uB3uK44

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 undefined| event object| fence object| sharedStorage object| adsbygoogle function| $ function| jQuery object| jQuery111109766049790756701 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googletag object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Mzg5OWQzYjZlMGZjYWQ3NWxvYWRlcl9qcw== string| Mzg5OWQzYjZlMGZjYWQ3NWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| _google_rum_ns_ boolean| c483fc7c-8dc9-45ec-8057-c40954b53172 undefined| google_rum_values object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.trackingresi.com/ Name: __gads
Value: ID=2b1eabfeba284cb1:T=1720042979:RT=1720042979:S=ALNI_MY8Gd9hUE10AC_RBL3bfgM1z7bb3g
.trackingresi.com/ Name: __gpi
Value: UID=00000e71cfa95568:T=1720042979:RT=1720042979:S=ALNI_MYA3XwfnsNv8S5nlAjZYAm3NhB9Yw
.trackingresi.com/ Name: __eoi
Value: ID=c2fd52ecc5102836:T=1720042979:RT=1720042979:S=AA-Afjapk9drv4Sj7F4v7Cv5YPFe
.doubleclick.net/ Name: IDE
Value: AHWqTUkxZYr4lTO2MXI0HZasUCcsfA3AXz-PrILrGbsKaex8zCLAbyZM32M1evVIndQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.trackingresi.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_xRBaFE_-jWXa7foRG15nOiRV2F-C3IhpTNRx22SD0icz9Ly3Z36nSG40FlGhvXt_85IrFKZ1wJIx5eIdVV2DfYcBQn8XP3Pcnho7bFUgDK9Y46-I2h6SwK18r67W2qzmA47HlW6gCWaNwCMwKlqOZHD_row%3D%3D%22%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
jnt.trackingresi.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.jnt.trackingresi.com
pagead2.googlesyndication.com
104.17.24.14
142.251.12.101
142.251.12.105
172.217.194.132
172.217.194.157
2404:6800:4003:c03::84
2404:6800:4003:c1c::5f
2404:6800:4003:c1c::8a
45.76.146.46
64.233.170.155
047eac1111f1b9a21cc00385f8e8ff82cf00d0f92324b71977771cda09aebd58
16a8dbe6087111b89fc40d2050cc01854648d72fb7de53f28de3bf31d2f74902
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3ebeb8d042e8f38b26d4b693c1826c32758b9a32b52aab117d7863b42e62b7bc
4130c8ca4e4ece2cf801b4d5a43d38522d192e41ab92cec922a7a0ce23a2ed91
49da728cd4bf11f7f65d09af9ddf3451a6bc401832897246d7b5deec2cdc55ed
52b141d36a96723901d2a05d4629ba5607ffdd6b0deb6af42e4d1c2c06606566
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
859f5f8011cbb4c7d83b58f829cf192a7b1d17e502fcacc5006c2db658d537cf
a0373841a1de6cbbcd31031ea403989164d357fdc02953d1e426ab8360c258ee
a32d6f210fa8dc23299173fc3a4cfd2e94a0605751625ee7654ea06b4ad78210
a4fc91225426ac83a509b1f972234aec543044ecf3f7b7dd9667365e0e51050f
aff29bea3eb01d73c6f9b5b41867f0d3a9cec6204e88822a99dd6fdbbcc34e4a
b61a6cf3c2fc37d202d6dcd744218878c94f099176b9234b6fa35acf45eebcb8
ba23959957d961e0c4527a769b2249a6f37e247c1da3412d2eb5c9060062d535
cd3901225de8a5c92fbd3b61d811492b2d8dbc683634dbd192222a863257b45f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855