www.jurnas.com Open in urlscan Pro
2606:4700:3036::ac43:8a96 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Submission: On September 02 via manual (September 2nd 2021, 4:23:15 am UTC) from ID

Summary HTTP 139 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 25 domains to perform 139 HTTP transactions. The main IP is 2606:4700:3036::ac43:8a96, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.jurnas.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 24th 2021. Valid for: a year.

This is the only time www.jurnas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3036::ac43:8a96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
19	45.76.154.30 45.76.154.30	20473 (AS-CHOOPA) (AS-CHOOPA)
2	104.84.232.122 104.84.232.122	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.14 18.66.97.14	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
16	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	18.66.112.71 18.66.112.71	16509 (AMAZON-02) (AMAZON-02)
1	54.187.141.46 54.187.141.46	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1 1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:60::a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:5262:f748:a686:7ff3	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
139	37

13 2606:4700:3036::ac43:8a96 (United States)

ASN13335 (CLOUDFLARENET, US)

www.jurnas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 45.76.154.30 (Singapore, Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 45.76.154.30.vultr.com

images.jurnas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xms.jurnas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.84.232.122 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-232-122.deploy.static.akamaitechnologies.com

ct5.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i3.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.14 (United States)

ASN16509 (AMAZON-02, US)

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.71 (United States)

ASN16509 (AMAZON-02, US)

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.141.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-141-46.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:60::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5e6ns6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:5262:f748:a686:7ff3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.29 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	jurnas.com www.jurnas.com images.jurnas.com xms.jurnas.com	657 KB
24	googlesyndication.com 4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	263 KB
18	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	184 KB
16	youtube.com www.youtube.com	749 KB
7	googlevideo.com r5---sn-4g5e6ns6.googlevideo.com	1 MB
7	gstatic.com fonts.gstatic.com www.gstatic.com	89 KB
6	google.com adservice.google.com www.google.com	15 KB
6	ytimg.com i3.ytimg.com i.ytimg.com	140 KB
4	googletagservices.com www.googletagservices.com	128 KB
3	google.de adservice.google.de www.google.de	394 B
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	695 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	337 B
1	innovid.com ag.innovid.com	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	455 B
1	quantserve.com cms.quantserve.com	463 B
1	ggpht.com yt3.ggpht.com	4 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	addthisedge.com v1.addthisedge.com	325 B
1	moatads.com z.moatads.com	1 KB
1	addthis.com ct5.addthis.com	114 KB
139	25

	Domain	Requested by
18	images.jurnas.com	www.jurnas.com
16	www.youtube.com	www.jurnas.com www.youtube.com
13	www.jurnas.com	www.jurnas.com
12	pagead2.googlesyndication.com	4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.jurnas.com securepubads.g.doubleclick.net www.googletagservices.com
10	tpc.googlesyndication.com	4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
7	r5---sn-4g5e6ns6.googlevideo.com	www.youtube.com
6	securepubads.g.doubleclick.net	www.jurnas.com securepubads.g.doubleclick.net 4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com www.googletagservices.com
5	cm.g.doubleclick.net	www.jurnas.com googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	1 redirects www.youtube.com pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	www.googletagservices.com	securepubads.g.doubleclick.net 4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.google.com	www.jurnas.com www.youtube.com tpc.googlesyndication.com
4	i3.ytimg.com	www.jurnas.com
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	www.gstatic.com	www.youtube.com googleads.g.doubleclick.net
2	i.ytimg.com	www.youtube.com
2	4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google-analytics.com	www.jurnas.com www.google-analytics.com
2	platform.twitter.com	www.jurnas.com platform.twitter.com
2	fonts.googleapis.com	www.jurnas.com googleads.g.doubleclick.net
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	syndication.twitter.com	platform.twitter.com
1	www.google.de	www.jurnas.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.jurnas.com
1	certify.alexametrics.com	www.jurnas.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	v1.addthisedge.com	ct5.addthis.com
1	z.moatads.com	ct5.addthis.com
1	certify-js.alexametrics.com	www.jurnas.com
1	xms.jurnas.com	www.jurnas.com
1	ct5.addthis.com	www.jurnas.com
139	39

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-24` - `2022-06-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
images.jurnas.com R3	`2021-06-18` - `2021-09-16`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-17` - `2021-10-26`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 14 frames:

Primary Page: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Frame ID: 4E18D2608D56FA9E85FE4BFE1FA4AD3E
Requests: 60 HTTP requests in this frame

Frame: https://xms.jurnas.com/counter.php?id=36298
Frame ID: 949C711CCE19137F6A89EC6490DFAB55
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
Frame ID: 0AC51E95B7FC5F000B0404467BBA81FD
Requests: 33 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.jurnas.com
Frame ID: FF5DD515A7A9DA4495487A88B6B37188
Requests: 2 HTTP requests in this frame

Frame: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8867649861F981FA1B20D1618D61E158
Requests: 1 HTTP requests in this frame

Frame: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C86419D327A052962F82424385058086
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html
Frame ID: BCB2BE9CDE55F8C7FC036E7CB636F9F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1484960083787745&output=html&h=200&slotname=3918097544&adk=371893716&adf=3173046727&pi=t.ma~as.3918097544&w=300&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.jurnas.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630556575954&bpp=4&bdt=182&idt=67&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=829063878181&frm=24&ife=3&pv=2&ga_vid=738650333.1630556576&ga_sid=1630556576&ga_hid=352993136&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2280819497&scr_x=-12245933&scr_y=-12245933&eid=44747620%2C182982000%2C31062370%2C31062297%2C31062094&oid=2&pvsid=4035031339210757&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.c0346lj8s8vd&fsb=1&dtd=81
Frame ID: CC746DF2773C064780B919C176B12FB5
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F936F65E5E448A1FA7E24DCE14C7F78D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js
Frame ID: 5C2E2813756ECAEF2E1B4DF6A795B164
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A506673C94F1AFAEE12E19797D9497F5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7D6BF27A8C8D1A7FC67FB12423CF47B3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FF5B4B444C19A69D01A1F6F0CF5D94C2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C1FBED20B84B1E017870461F8A5F15D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Spencer Tunick Diizinkan Sesi Foto Telanjang di Australia

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

139
Requests

99 %
HTTPS

68 %
IPv6

25
Domains

39
Subdomains

37
IPs

7
Countries

3766 kB
Transfer

7985 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/jurnasnews

Search URL Search Domain Scan URL

URL: https://twitter.com/jurnascom

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/1/+RedaksiJurnas

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 116

https://rtb.openx.net/sync/dds?google_gid=CAESEMEBlWlDVFqAVEH6RwViOvg&google_cver=1&google_push=AYg5qPLAeOqRlW4VGR30NVJ8LicHpnLu34v7qLGoTWnoAZ3fco9iyiYUU7tvMiKMieeNY0Wzmcdr1J6CYNpN7P-KbxzNfyJbHto HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEMEBlWlDVFqAVEH6RwViOvg&google_cver=1&google_push=AYg5qPLAeOqRlW4VGR30NVJ8LicHpnLu34v7qLGoTWnoAZ3fco9iyiYUU7tvMiKMieeNY0Wzmcdr1J6CYNpN7P-KbxzNfyJbHto&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLAeOqRlW4VGR30NVJ8LicHpnLu34v7qLGoTWnoAZ3fco9iyiYUU7tvMiKMieeNY0Wzmcdr1J6CYNpN7P-KbxzNfyJbHto&google_hm=rpL2fkZIyAAzOiK8WIPNBA==

Request Chain 117

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELOfsA2ruZr4wyr_OxilPwg&google_cver=1&google_push=AYg5qPJ41LnzZ9pwBuW1LRPL-dlmDJSEZpx0TQLF5xjWc_UreeBfn8-teriQRnt2C4mqwb1VtyZfCrjp51agXRmZ-0xWfoBIn2I HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELOfsA2ruZr4wyr_OxilPwg&google_cver=1&google_push=AYg5qPJ41LnzZ9pwBuW1LRPL-dlmDJSEZpx0TQLF5xjWc_UreeBfn8-teriQRnt2C4mqwb1VtyZfCrjp51agXRmZ-0xWfoBIn2I&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6BsJ1K18TVaS_ye-QmoPWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ41LnzZ9pwBuW1LRPL-dlmDJSEZpx0TQLF5xjWc_UreeBfn8-teriQRnt2C4mqwb1VtyZfCrjp51agXRmZ-0xWfoBIn2I

Request Chain 118

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFmtY_hwHr4zdD9T7pWCDNQ&google_cver=1&google_push=AYg5qPL5EwfIh9y9y-O3ATRRmY9M1bsfiaSqwY2xoXssU8OQnOhKAMeczhnNBLm-Vrak6RgNU-R_wqt0ctNbr263d-dprm_M2Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QyRkFBS0ItWC1GRkhX&google_push=AYg5qPL5EwfIh9y9y-O3ATRRmY9M1bsfiaSqwY2xoXssU8OQnOhKAMeczhnNBLm-Vrak6RgNU-R_wqt0ctNbr263d-dprm_M2Q

Request Chain 119

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_cver=1&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU

Request Chain 121

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKi_RxZ7-dIEHvJAR20qT7Y&google_cver=1&google_push=AYg5qPJ2wscx6OrjVC-jBrUtEQIcu6YADOo4EqXKZXBiz_X58swo6DLPZgLg6q7ZXwq-N3gL7aVoMzuVhYRaPOL1TjYkBjtup_-e HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ2wscx6OrjVC-jBrUtEQIcu6YADOo4EqXKZXBiz_X58swo6DLPZgLg6q7ZXwq-N3gL7aVoMzuVhYRaPOL1TjYkBjtup_-e&google_hm=

139 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/ 27 KB
8 KB 864ms
784ms Document
text/html 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: 2540d3d4f62400798731c24558893081504584406c29440783e2ad8ddd673bd6

Request headers

:method: GET
:authority: www.jurnas.com
:scheme: https
:path: /artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:52 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.4.16
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EO%2Bg5j2sToVaoMpbfbWg70fT6Ja2GQbSYKGvuAYbVmWf4q3Xy17TO0LY63mFMGLacEPVOwa2%2FHaSQt1Tzd3FX16AucjqjtbUX2CekWQucRkEjOVRyZ27l8SsiXbuBsc2CuM1xskEyG1OVm06hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6883f5ac0924cadc-ARN
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 ag.home.css
www.jurnas.com/assets/css/ 123 KB
22 KB 75ms
41ms Stylesheet
text/css 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jurnas.com/assets/css/ag.home.css?20160719T1232
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8630eeb8023cb0e327dba351359f8c8f80ad619e1d2684d3c2a61c857e2a674

Request headers

:path: /assets/css/ag.home.css?20160719T1232
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1673
cf-polished: origSize=153907
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 18 Mar 2021 13:50:46 GMT
server: cloudflare
etag: W/"25933-5bdcfe2ee9fe8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnC2Hy6yD479mQEW4RNtGLK%2FNVd7Bb0SzFZwVgICeqAgLZaL%2Bl6bYjjtKVR6hX3H7IwLxQxMn13jEIXzaMqu61bZBOGFAtGiTAubgvY1vRtdPbm5HkTq1uFIftEbapd296vCmzPIeUJOl0A8Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6883f5b12a78daa8-ARN
cf-bgj: minify

GET
H3-29 200 ag.base.css
www.jurnas.com/assets/css/ 187 KB
26 KB 1206ms
1172ms Stylesheet
text/css 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jurnas.com/assets/css/ag.base.css?x=?1478824145
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6358049afd72741aa455a3593160b5ae19c5843b3370e1f91527a97236c04010

Request headers

:path: /assets/css/ag.base.css?x=?1478824145
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 13:50:46 GMT
server: cloudflare
etag: W/"2eae2-5bdcfe2f08449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKsy7rVUiqGUOqVFi1OvRYpTxylpJ%2BD8aGk424uTIGPu%2BphkAqlUq77PWViAz%2FyOLyEYZ2dcLD5d7n%2FR13rUACoxXc3e1FGYST6Z%2FnOAmqXqnbPes923Nvkb05KorwhHWjW543yYddGZdhZJ4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6883f5b12a77daa8-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 ag.jquery.js Show response
www.jurnas.com/assets/js/ 174 KB
58 KB 2570ms
2536ms Script
application/javascript 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jurnas.com/assets/js/ag.jquery.js?x=?52390524
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 485a5a81780bc63df0a4c33c0cbd6a31bf934217f10fbfec68372de0551931da

Request headers

:path: /assets/js/ag.jquery.js?x=?52390524
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 15:14:54 GMT
server: cloudflare
etag: W/"2b7df-5bdd10fd0a5eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1HASplpoIqdZvtI5IFAyicC0RFxSh0I3HSRCrs8CNURt%2FKutOcoX6J%2FvbVe02X4zzOBVIqBKiQQE1Vs%2BgB88Mow3PQ%2BhmnmJh1vdbTz43DAda4NjC5MX3%2BhzUfgzBPvgKKEmjzT2FwaFwLz8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6883f5b12a7cdaa8-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 ag.leisure.css
www.jurnas.com/assets/css/ 96 KB
17 KB 888ms
855ms Stylesheet
text/css 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jurnas.com/assets/css/ag.leisure.css?x=?1554079646
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c6d6b63dff86a7c901624e168d8031d9e8fd115692497b62ce5b2991443b6d3

Request headers

:path: /assets/css/ag.leisure.css?x=?1554079646
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 13:50:46 GMT
server: cloudflare
etag: W/"17f88-5bdcfe2f041e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRQV3jaLvVgKWkbKQBmgpYhON9uxKibbCardtwLnSCTIKgYlWXnuX5o0QNLY4iP8Cb8Fz3bPKMKorzhGTwOkgPZlDbwaDS2VfO5Fs4MeT78juBLi33kNxyZT0AirYR7CAuS8cO9SL%2FpAABsIZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6883f5b12a7adaa8-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 cnn.style.css
www.jurnas.com/assets/css/ 110 KB
24 KB 1408ms
1375ms Stylesheet
text/css 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jurnas.com/assets/css/cnn.style.css?x=?1825437083
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0177b886d0f40b79ec68428efe2439ad3ac0eab78b9443713884ce0e40c803f0

Request headers

:path: /assets/css/cnn.style.css?x=?1825437083
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Dec 2019 11:43:00 GMT
server: cloudflare
etag: W/"1b9d1-59aadfef11e65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e492qbgQTmC1Y4BqmHouT4Ie1Kqv2YN6dzC9eD5VbnctRSsXpcIjBYMBDPwh6v5VVXDdrrWkQasPWY8bSH%2BGXe%2F08uHo8jcZZfXZv2YgdI7aRvs%2FWdSHwnzNO%2FiSqkh8bZkW63JZUtVufD4A%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6883f5b12a75daa8-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 article.rs.css
www.jurnas.com/assets/css/ 102 KB
17 KB 1666ms
1633ms Stylesheet
text/css 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jurnas.com/assets/css/article.rs.css?x=?1075917562
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cca1f949acb5dbc9cf00e72c08ac3ee4fd790c20eea37848ea5b3e7389b603ff

Request headers

:path: /assets/css/article.rs.css?x=?1075917562
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Dec 2019 11:43:00 GMT
server: cloudflare
etag: W/"197e8-59aadfef106f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1AyonNjlT8%2FRUG%2BkgerhhK2HJ4gqEKmQ0Ba83GHhyCGjN8Bd3rItz8V8iN7El66eir57uiFY9oNIFN2OmkWKhCVIBUD%2BhN02QVw3eAPr8N%2Bp8BeAN0aS1REl92SYlRbQozA8gOtPGuMCkr3fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6883f5b12a7bdaa8-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900|Roboto:400,700,900

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0d187a43ffdce44e1e37db7b4aae12e841a90af13239487f09c93ec3b96fbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 04:22:52 GMT
server: ESF
date: Thu, 02 Sep 2021 04:22:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Sep 2021 04:22:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 39ms
18ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

7971856b3f659f52ea41db855c792892317b7446e3a15e355dcbd4a65d21f007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "975 / 319 of 1000 / last-modified: 1630534611"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25001
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:54 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 10ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/6711)
Age: 565
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H/1.1 200
OK conf-Jurnas_11.jpg
images.jurnas.com/img/ 35 KB
35 KB 693ms
171ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/img/conf-Jurnas_11.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 746239df59bdd42446bcf29a5560390ad662a98155ad55c5c1cde20e88c45eb6

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:54 GMT
Last-Modified: Tue, 28 Apr 2020 19:09:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "8ad1-5a45e917cf4ad"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 35537

GET
H3-29 200 ico_search.png
www.jurnas.com/images/ 496 B
1 KB 42ms
41ms Image
image/png 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jurnas.com/images/ico_search.png
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed992c8ec0cf35c7a9a931cc098084d28f1d7fe16fd11d4a124471fd1b716334

Request headers

:path: /images/ico_search.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2147
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 496
last-modified: Thu, 18 Mar 2021 13:50:49 GMT
server: cloudflare
etag: "1f0-5bdcfe319b359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIAm06xnURalN7jKGxQRFQC781zDQqOvbDl7%2BNt1XBuMSPitQxBdvh2lRJgAKrNBouA9Gh6kguZVclL%2BFBrerNBznC3soKbhKQfwz4LK6eJPBWKH9VeMckp2t2IJdi5llUTrQPSpB7Esy1BJsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6883f5c13b11daa8-ARN

GET
H3-29 200 icon-fb.png
www.jurnas.com/images/ 2 KB
2 KB 47ms
39ms Image
image/png 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jurnas.com/images/icon-fb.png
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4f7dbd210415a53f4c8fa78e11b81cbd1c042bcba83a6140f0a80d1af412c50

Request headers

:path: /images/icon-fb.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1671
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1772
last-modified: Fri, 27 Dec 2019 11:43:00 GMT
server: cloudflare
etag: "6ec-59aadfef3b28e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAGPdmKw02NfVbOHFfUvDEfg3QBtb5jk3mkBQKfe%2F669WaGM0pAiaDyqg%2FD0ZyWy5C4%2FmFp9DZifk6QNE7dbucRZtVQH7gIQ2pnf%2FlIaSL2KD7jhG1Gsft4YY3zB5L%2Ba7zzRFc1OrZuRIZv5xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6883f5c16b47daa8-ARN

GET
H3-29 200 icon-tw.png
www.jurnas.com/images/ 3 KB
4 KB 46ms
38ms Image
image/png 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jurnas.com/images/icon-tw.png
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b9660ee92c6c5496fab8e3db01a3ce454085b362209911a0ea78d77fbf84d5d

Request headers

:path: /images/icon-tw.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1671
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3149
last-modified: Fri, 27 Dec 2019 11:43:00 GMT
server: cloudflare
etag: "c4d-59aadfef3be46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HwzNhtoUydHg5pLUyhuiXv77BpAGKPYngEO7fEk2l74WeiApW63%2BFCZ7WI2pR5TRCqkSHYyBsU90oVhhTJigYzLX7HCv38wHaYVLso3Jgrw6JD3AcGKxJDA8PGEkcO87VHCLakM03m4vsmNUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6883f5c16b48daa8-ARN

GET
H3-29 200 icon-g.png
www.jurnas.com/images/ 5 KB
5 KB 46ms
38ms Image
image/png 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jurnas.com/images/icon-g.png
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fe835c5594c209e3f5dda9b15e7908cf3bf65c42e857c76fb232b6e05939c98

Request headers

:path: /images/icon-g.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1671
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4706
last-modified: Fri, 27 Dec 2019 11:43:01 GMT
server: cloudflare
etag: "1262-59aadfef59306"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4Em9NOJTqSI3UaCEyxJp89Ht6NRGM2uH%2BBGpcL963xg%2FhjW3R46ruZhEkHXb9XRbm9d9h8pfvQ46toF%2BHjKbHndEsnoLbc6GrhKsQg5iMiHl0LOgaxsLwsjyA%2Bixfen31YPYFIH97QTvmbffg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6883f5c16b4adaa8-ARN

GET
H2 200 addthis_widget.js Show response
ct5.addthis.com/js/300/ 353 KB
114 KB 83ms
25ms Script
application/javascript 104.84.232.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct5.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.232.122 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-232-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 02 Sep 2021 04:22:54 GMT
x-host: ct5.addthis.com
content-length: 116325

GET
H/1.1 200
OK d14086a80e1dc2a8025cd67009de7a40_1.jpg
images.jurnas.com/posts/1/2018/2018-06-16/ 56 KB
57 KB 261ms
166ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2018/2018-06-16/d14086a80e1dc2a8025cd67009de7a40_1.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 7eb3626a290830aae333f8314c32e716f9fb45baeeb0dfa109ece42c2add3a48

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:55 GMT
Last-Modified: Sun, 19 Aug 2018 19:18:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "e1e7-573cea6d1ff88"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 57831

GET
H/1.1 200
OK 3fbf2712a476825370255860683a299c_2.jpeg
images.jurnas.com/posts/1/2021/2021-09-01/ 8 KB
8 KB 1575ms
183ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2021/2021-09-01/3fbf2712a476825370255860683a299c_2.jpeg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 774831ac1b58bdee4c3cee5d151d4aee8568ca1d4aeee2ffd066875c8a717d4c

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Wed, 01 Sep 2021 15:06:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "1f36-5caf068d3be1d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7990

GET
H/1.1 200
OK 84962e673b00155f0a2d9ab2220d2e85_2.jpg
images.jurnas.com/posts/1/2019/2019-08-30/ 6 KB
7 KB 1599ms
166ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2019/2019-08-30/84962e673b00155f0a2d9ab2220d2e85_2.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: b548dccb39d7ba241a613cee6af10dd3b458f926013495886fcfc6466c078c85

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Fri, 30 Aug 2019 13:00:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "196b-5915535a3a6f6"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 6507

GET
H/1.1 200
OK 4c0b2bc78f2ccf38d6e6170e0ea1b9a4_2.jpeg
images.jurnas.com/posts/1/2020/2020-03-19/ 7 KB
7 KB 1807ms
260ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2020/2020-03-19/4c0b2bc78f2ccf38d6e6170e0ea1b9a4_2.jpeg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: d19034e0ad14cea988ce7735ad799283055200ff4171d0916ef2d7136ffde3ce

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Thu, 19 Mar 2020 15:14:14 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "1c1f-5a1369f2e3961"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7199

GET
H/1.1 200
OK bb0dca26cb903c140267037c10fef6e9_2.jpg
images.jurnas.com/posts/1/2019/2019-08-29/ 6 KB
6 KB 1764ms
183ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2019/2019-08-29/bb0dca26cb903c140267037c10fef6e9_2.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 7b1bd1fb0e572c56270a56e0e1fbb2a0818276f1490373aa21f2240a57339f67

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Thu, 29 Aug 2019 12:37:00 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "161e-59140c31999ed"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5662

GET
H/1.1 200
OK 80d6e79653fd12e5cb08c94ede70b219_2.jpg
images.jurnas.com/posts/1/2020/2020-11-11/ 8 KB
8 KB 1671ms
166ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2020/2020-11-11/80d6e79653fd12e5cb08c94ede70b219_2.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 0106d543a57c4bac832893ebf9e07119e9e972e44a67200314ab1ff730bc6e78

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Wed, 11 Nov 2020 09:56:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "2085-5b3d1cef5ae32"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 8325

GET
H/1.1 200
OK 15efbf393deea3556d338e9a94198f63_2.jpeg
images.jurnas.com/posts/1/2021/2021-08-28/ 7 KB
7 KB 920ms
167ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2021/2021-08-28/15efbf393deea3556d338e9a94198f63_2.jpeg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 1544724c5f024121775d4f8b55cce6e88e93402d62be60b36cce340dc81790de

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:55 GMT
Last-Modified: Sat, 28 Aug 2021 07:29:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "1bf0-5ca998ef50641"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 7152

GET
H2 200 hqdefault.jpg
i3.ytimg.com/vi/76lAs54Iu_U/ 49 KB
49 KB 46ms
14ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.ytimg.com/vi/76lAs54Iu_U/hqdefault.jpg

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5341db49bcc952e3cdaf78f8c46ff838c8cf265c0cff9100b33454fa65e57da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1630391991"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49941
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:27:54 GMT

GET
H2 200 hqdefault.jpg
i3.ytimg.com/vi/O9sJxvCe2XI/ 12 KB
12 KB 55ms
23ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.ytimg.com/vi/O9sJxvCe2XI/hqdefault.jpg

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

962a0cc20e899fba47dd519b61b5c303333f3df95bb43112de6ae8550e86dc25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11891
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:27:54 GMT

GET
H2 200 hqdefault.jpg
i3.ytimg.com/vi/ST1dQF2JCOE/ 20 KB
20 KB 65ms
34ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.ytimg.com/vi/ST1dQF2JCOE/hqdefault.jpg

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb503ad3e5b210ff014f35ca1de11930209fc970a8e9c04f018ee9ae51c0fac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20516
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:27:54 GMT

GET
H2 200 hqdefault.jpg
i3.ytimg.com/vi/RyChbbLx4dE/ 14 KB
14 KB 64ms
33ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.ytimg.com/vi/RyChbbLx4dE/hqdefault.jpg

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

920d7952290e86cf7c0d3095d4ad3c2bcba502d5464bcabb51616fbefe84b3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14769
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:27:54 GMT

GET
H/1.1 200
OK 3c6749f7c3d2d12b14f533e64d0e2faf_1.jpg
images.jurnas.com/posts/1/2020/2020-12-29/ 24 KB
24 KB 255ms
166ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2020/2020-12-29/3c6749f7c3d2d12b14f533e64d0e2faf_1.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 423543478f8a90ffc7485aee626c6845eada6453ec76daecc1c83f1842876c24

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Tue, 29 Dec 2020 12:49:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "5ea0-5b799d3887a53"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24224

GET
H/1.1 200
OK aa97b958017fbb2d69a7d4820b99f12f_1.jpeg
images.jurnas.com/posts/1/2021/2021-07-16/ 26 KB
26 KB 413ms
166ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2021/2021-07-16/aa97b958017fbb2d69a7d4820b99f12f_1.jpeg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 6dda368449268f1c34088ef4f4cf223a351125efa19f43bcb247640b9c53a10b

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:55 GMT
Last-Modified: Fri, 16 Jul 2021 11:37:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "6724-5c73c02b15265"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 26404

GET
H/1.1 200
OK 38793a8429eb2420ba1206b6fd43d086_1.jpg
images.jurnas.com/posts/1/2019/2019-11-13/ 43 KB
43 KB 247ms
183ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2019/2019-11-13/38793a8429eb2420ba1206b6fd43d086_1.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 28534ed8132da49d3499ee32b04a91b6ad05041969e981bd2da8f665081fb4eb

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Wed, 13 Nov 2019 15:58:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "aa7a-5973c6e642d1a"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43642

GET
H/1.1 200
OK faff13034b4253ba81b6aaf5a34bac2d_1.jpg
images.jurnas.com/posts/1/2021/2021-05-18/ 40 KB
40 KB 196ms
183ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2021/2021-05-18/faff13034b4253ba81b6aaf5a34bac2d_1.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 793cf5b54acfd67f2055ecdfa793e41cb41b5f034b09ce21f72902a5c4dc0ef9

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Tue, 18 May 2021 08:19:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "a0a9-5c2965e5fb926"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 41129

GET
H/1.1 200
OK a5067c8035b9ca8fbedcbe31487e1ced_1.jpg
images.jurnas.com/posts/1/2021/2021-04-29/ 23 KB
23 KB 1253ms
166ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2021/2021-04-29/a5067c8035b9ca8fbedcbe31487e1ced_1.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 91d5a3cfcf0c0332599c383b9ed73b0a82890934a70dd674ac95c84178cb3dc2

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Wed, 28 Apr 2021 22:44:51 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "5c44-5c110206d4f3f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 23620

GET
H/1.1 200
OK 1d4f2ae05b5102020e6d79e582ffd568_1.jpg
images.jurnas.com/posts/1/2021/2021-09-02/ 51 KB
52 KB 582ms
166ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2021/2021-09-02/1d4f2ae05b5102020e6d79e582ffd568_1.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 31f5401d6d4213b40bbb2793641bf6fc0d8439867531abbd10cdcb847495ab14

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:55 GMT
Last-Modified: Thu, 02 Sep 2021 03:47:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "cde9-5cafb099eb79e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 52713

GET
H/1.1 200
OK ddf2c6004c5a8407c68b965529a153e9_1.jpg
images.jurnas.com/posts/1/2021/2021-05-18/ 24 KB
24 KB 1395ms
183ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2021/2021-05-18/ddf2c6004c5a8407c68b965529a153e9_1.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 4c4b1879ca626633c87773b9fbadeda3cdb8a6002a689ad80cd83401755f702d

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Tue, 18 May 2021 06:59:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "5f91-5c2954121b38f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 24465

GET
H/1.1 200
OK 4106a23c7b62286ccc071e93054e31bf_1.jpg
images.jurnas.com/posts/1/2021/2021-08-31/ 41 KB
41 KB 1345ms
166ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2021/2021-08-31/4106a23c7b62286ccc071e93054e31bf_1.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 983eb4c3dab55de9d9f9b999559805354669583f1fd395c2775d42fd40ce0d14

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Tue, 31 Aug 2021 08:23:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "a36e-5cad6a9b5068a"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 41838

GET
H/1.1 200
OK 7c8f11cd834af00f9606a70875b30c26_1.jpg
images.jurnas.com/posts/1/2020/2020-06-02/ 21 KB
22 KB 1086ms
166ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2020/2020-06-02/7c8f11cd834af00f9606a70875b30c26_1.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 46adbd76d29e2f424e4a819e309cc8a9e9ae1f7ea908ecddf81fda65bf0b74ce

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:56 GMT
Last-Modified: Mon, 01 Jun 2020 22:56:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "55e3-5a70db4bea5e5"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 21987

GET
H/1.1 200
OK d8eb628205377771c0fdc5c1221cb997_1.jpg
images.jurnas.com/posts/1/2021/2021-09-02/ 28 KB
29 KB 752ms
166ms Image
image/jpeg 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jurnas.com/posts/1/2021/2021-09-02/d8eb628205377771c0fdc5c1221cb997_1.jpg
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 374fb16c4a4f9765f9e027a5e8e2e7e3ad8836d504229596a8ae6bfc6c805dd2

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:55 GMT
Last-Modified: Thu, 02 Sep 2021 01:55:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "710d-5caf97a202471"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 28941

GET
H3-29 200 1-JURNASCOM%207%20OK.png
www.jurnas.com/images/ 10 KB
11 KB 42ms
38ms Image
image/png 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jurnas.com/images/1-JURNASCOM%207%20OK.png
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f469fd78034d396311f471dfa3928d5e14c9cce6036065c5ef815774cb8541

Request headers

:path: /images/1-JURNASCOM%207%20OK.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1664
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10542
last-modified: Thu, 18 Mar 2021 14:41:24 GMT
server: cloudflare
etag: "292e-5bdd097fe55ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8n3KKsuravx8nZ%2FalGc%2FwDL84t28AOrLpbcXN00ruyex7P706TmwXp71Ymx28gtX6Y7HVSQL2sTrHS7E4EVyHwI%2FGo3Ln9CF2F6GwgZNLNUJVAp7j%2BKfUFdfIBNBWAiMHsy6xPvdIfqP%2FWkvDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6883f5c16b4ddaa8-ARN

GET
H3-29 200 email-decode.min.js Show response
www.jurnas.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 33ms
32ms Script
application/javascript 2606:4700:3036::ac43:8a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jurnas.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:8a96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jurnas.com
referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 12:03:41 GMT
server: cloudflare
etag: W/"611e489d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3tjgjy1tyLkBGfkxFHv9tty%2BC8dT9s5CVvb9erekztU%2B0Muq2g5iT1jS4NtU77dhdXiOOhpF0gMAtboNlhg2zN6PGxAPaXvkFfWWm7pUu2hdP0kIvGwR8WA6hPnLeNDL66latYMCyO4D5NIFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6883f5bc0b61daa8-ARN
vary: Accept-Encoding
expires: Sat, 04 Sep 2021 04:22:54 GMT

GET
H/1.1 200
OK counter.php Show response
xms.jurnas.com/ Frame 949C 167 B
428 B 689ms
173ms Document
text/html 45.76.154.30
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://xms.jurnas.com/counter.php?id=36298
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.154.30 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.154.30.vultr.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash: bac94619d34cd4bb09d86210cad50d23b6b9083ab2f382315d7c0e370fbff1ba

Request headers

Host: xms.jurnas.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.jurnas.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jurnas.com/

Response headers

Date: Thu, 02 Sep 2021 04:22:55 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Length: 167
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5455
date: Thu, 02 Sep 2021 02:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 02 Sep 2021 04:52:00 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 72ms
21ms Script
application/javascript 18.66.97.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 11009729
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: EUikZw6bXU2ENI5EvI69iPGWP0yqzGkUZ6lZ5KXEklEGZSgeKyDx3A==

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900|Roboto:400,700,900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jurnas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:31:42 GMT
x-content-type-options: nosniff
age: 406272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:31:42 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900|Roboto:400,700,900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jurnas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 07:18:45 GMT
x-content-type-options: nosniff
age: 507849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 07:18:45 GMT

GET
H3-29 200 pubads_impl_2021083001.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 24ms
21ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

46ac864eaef04f0b4124dd8bda16a352d8287c4a9a8fa66bba86f5def26b3037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 08:40:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119248
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
112 B 41ms
32ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.jurnas.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

04c7a288a994da8749f2c19355f04673f0a322b528f3370650cf4e50355a4bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 59ms
19ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: ct5.addthis.com
URL: https://ct5.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44080
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 Rdbvh8ZZ_QM Show response
www.youtube.com/embed/ Frame 0AC5 55 KB
24 KB 48ms
46ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed9ed584aca24f9d35bdf0e772db7996d1ba856aa263c0c10f9bd998fd86c8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jurnas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jurnas.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Sep 2021 04:22:55 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=EfaUnOcOdbc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=oibemQcugG0; Domain=.youtube.com; Expires=Tue, 01-Mar-2022 04:22:55 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+316; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 34ms
18ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=588864120&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jurnas.com%2Fartikel%2F36298%2FSpencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia%2F&ul=en-us&de=UTF-8&dt=Spencer%20Tunick%20Diizinkan%20Sesi%20Foto%20Telanjang%20di%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=674124820&gjid=1073430121&cid=372505599.1630556575&tid=UA-31720797-1&_gid=154528883.1630556575&_r=1&_slc=1&z=1596298302

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jurnas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame FF5D 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.jurnas.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.jurnas.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jurnas.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 39588
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Sep 2021 04:22:55 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-52e7319807c1a39e/ 166 B
325 B 47ms
42ms Script
application/javascript 104.84.232.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-52e7319807c1a39e/_ate.track.config_resp
Requested by: Host: ct5.addthis.com
URL: https://ct5.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.232.122 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-232-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=52, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-31720797-1&cid=372505599.1630556575&jid=674124820&gjid=1073430121&_gid=154528883.1630556575&_u=IEBAAEAAAAAAAC~&z=1796274169

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 02 Sep 2021 04:22:55 GMT
content-type: text/plain
access-control-allow-origin: https://www.jurnas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 71ms
19ms Image
image/gif 18.66.112.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Spencer%20Tunick%20Diizinkan%20Sesi%20Foto%20Telanjang%20di%20Australia&time=1630556575192&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.jurnas.com%2Fartikel%2F36298%2FSpencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia%2F&random_number=13819564534&sess_cookie=195a3ffe17ba4bed5d59ad16a53&sess_cookie_flag=1&user_cookie=195a3ffe17ba4bed5d59ad16a53&user_cookie_flag=1&dynamic=true&domain=jurnas.com&account=FrXKn1QolK105T&jsv=20130128&user_lang=en-US
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 03:30:13 GMT
Via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 3162
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA56-P5
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: FBEUIDSgbfd4GBO8AukJSiXli4Tzf4ArlOhWv1TYodh5a5EOTCuucQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 549ms
178ms Image
text/plain 54.187.141.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.141.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-141-46.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
server: Server

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jurnas.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jurnas.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 336ms
335ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4379723158027989&correlator=2491756167053353&output=ldjh&impl=fifs&eid=31062435%2C31062297&vrg=2021083001&ptt=17&sc=1&sfv=1-0-38&ecs=20210902&iu_parts=21622890900%2CID_jurnas.com_pc_article_top2_728x90%2CID_jurnas.com_pc_article_mid1_336x280%2C300x250%2CID_jurnas.com_pc_article_mid2_336x280%2CID_jurnas.com_pc_article_right1_300x250%2C336x280%2C300x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2F%2F3%2C%2F0%2F4%2F%2F3%2C%2F0%2F5%2F%2F6%2F%2F7&prev_iu_szs=728x90%2C336x280%7C300x250%2C300x250%7C336x280%2C300x600%7C336x280%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1630556575&dt=1630556575232&dlt=1630556572291&idt=2910&frm=20&biw=1600&bih=1200&oid=3&adxs=190%2C190%2C190%2C1002&adys=180%2C1135%2C1508%2C1049&adks=2644133693%2C217910214%2C124469523%2C2459487727&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.jurnas.com%2Fartikel%2F36298%2FSpencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=800x105%7C620x1349%7C620x1349%7C400x0&msz=728x-1%7C620x0%7C620x0%7C400x0&ga_vid=372505599.1630556575&ga_sid=1630556575&ga_hid=588864120&ga_fc=false&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

31b748baea7e4b18f7b8a2ce6f2539dd242e34c887988fafee8a00950d089545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8110
x-xss-protection: 0
google-lineitem-id: -2,5511123528,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138327484453,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jurnas.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8867 6 KB
3 KB 52ms
14ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jurnas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jurnas.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 02 Sep 2021 04:22:55 GMT
expires: Fri, 02 Sep 2022 04:22:55 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
111 B 17ms
16ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-31720797-1&cid=372505599.1630556575&jid=674124820&_u=IEBAAEAAAAAAAC~&z=1250574652

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-31720797-1&cid=372505599.1630556575&jid=674124820&_u=IEBAAEAAAAAAAC~&z=1250574652

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/f5eab513/ Frame 0AC5 329 KB
45 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57d0a0866681113ad01e5870d69ced67f4454ed4ca50ac666745e4acc315c294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 53191
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46326
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:36:24 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/f5eab513/www-embed-player.vflset/ Frame 0AC5 200 KB
66 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7d3dec6d28f0f63a370a2d63562b6cdc44e88fe2a89d7f0e9b6dfd86d5e7486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 53191
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67106
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:36:24 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 0AC5 2 MB
502 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

454552f06934bf318852c700126d15d50cac7e9db95a1f585bdbbbc1d7922122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 53174
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514108
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:36:41 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/f5eab513/fetch-polyfill.vflset/ Frame 0AC5 8 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 53191
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:36:24 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0AC5 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:21:30 GMT
x-content-type-options: nosniff
age: 493285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 11:21:30 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame FF5D 232 B
432 B 172ms
129ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4d4b222ce3a3b08116f845c61828df5eb53f59f3

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.jurnas.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 04:22:55 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 2fab69d96b9b9cf89faf4605b889e71c8c017acfb01b464903d466ccd91bcae4
content-length: 166

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0AC5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

23ms
21ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f325e24c166e2a6528f38260f4df71535df12828ef2ce9766673930a5a9562c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Sep 2021 04:22:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0AC5 29 B
424 B 27ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:07:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 896
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:59 GMT

GET
H3-29 200 EDCj09Pb8pUjHXIFJS_PfBpELTlNnUOPUqilxM0kJLA.js Show response
www.google.com/js/th/ Frame 0AC5 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EDCj09Pb8pUjHXIFJS_PfBpELTlNnUOPUqilxM0kJLA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1030a3d3d3dbf295231d7205252fcf7c1a442d394d9d438f52a8a5c4cd2424b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13425
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 10:21:48 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 0AC5 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8070ef9daef25ec3260e1935207dca82b584a9dc527f82469849f1637702b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 52826
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7285
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:42:29 GMT

POST
H3-29 200 player Show response
www.youtube.com/youtubei/v1/ Frame 0AC5 80 KB
20 KB 85ms
85ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60eee4592b4b09e5c4344caed22c971b13bdd36319e3f0ff0437804246909851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210831.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id: CgtvaWJlbVFjdWdHMCifo8GJBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20024
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
DATA 200
OK truncated
/ Frame 0AC5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQybZcmF3-OZkd1QHKrckWp5utrS24NXZakKBCWVg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0AC5 4 KB
4 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQybZcmF3-OZkd1QHKrckWp5utrS24NXZakKBCWVg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3af6b61a65e26e4db149bd61736f133fddf0799b32d33607f46812a4f2380da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 01:55:59 GMT
x-content-type-options: nosniff
age: 8816
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3864
x-xss-protection: 0
server: fife
etag: "ve7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 30 Aug 2021 13:20:48 GMT

GET
DATA 200
OK truncated
/ Frame 0AC5 306 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddc61750d03a0364ca8c12fd03fe150dc85f21a4a1d34570f80a6b44e5530192

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 container.html Show response
4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C864 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jurnas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jurnas.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 02 Sep 2021 04:22:55 GMT
expires: Fri, 02 Sep 2022 04:22:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 501ms
501ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:56 GMT

POST
H3-29 204 qoe
www.youtube.com/api/stats/ Frame 0AC5 0
19 B 20ms
20ms Ping
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=wrDHxkLtX3hUX_VL&ei=n1EwYcPyI8SH6dsPu_ae4AY&el=embedded&docid=Rdbvh8ZZ_QM&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24067673%2C24080738%2C24082661&cl=394097881&seq=1&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210831.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.013:B,0.227:B,0.227:B&cmt=0.013:0.000,0.227:0.000&ctmp=cc:t.217;useVodTrack&afs=0.227:251::i&vfs=0.227:243:243::r&view=0.227:670:400&bwe=0.227:130000&bat=0.227:1:1&vis=0.227:0&bh=0.227:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:55 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame 0AC5 103 KB
104 KB 48ms
29ms XHR
video/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1630578175&ei=n1EwYcPyI8SH6dsPu_ae4AY&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AAEqxdw0XcMvyge27ziNPCoyPL3UjSJhXKEdTiOXYcxi&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=-O&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=720000&vprv=1&mime=video%2Fwebm&ns=LQ6zblIYc5HDkiA7ng_2dIEG&gir=yes&clen=4893404&dur=134.966&lmt=1630411422995499&mt=1630556217&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=zFVu1mhngHqr9g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM8w1m28N4Cw5k3UG2yePhgrT_FxwBqlb0DycIOjf35bAiAyppan_s_Jx0n22Rzp70Q8HKn0kubhIG2zjpthtT4R1w%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgb5uFAPE2-aMqk75XEFEfkF5FsECydaEzKtkfCMCSmEMCIQDiLNVPodb4PjDYL6nghhsmgnBAiai89yHiL-vRn2Cpaw%3D%3D&alr=yes&cpn=wrDHxkLtX3hUX_VL&cver=1.20210831.1.0&range=0-105438&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

dbffb95506164bdf83e97725b035ea49b6516c30b91dad7c833ae9573e20b12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:55 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 105439
Last-Modified: Tue, 31 Aug 2021 12:03:42 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame 0AC5 64 KB
66 KB 53ms
34ms XHR
audio/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1630578175&ei=n1EwYcPyI8SH6dsPu_ae4AY&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AAEqxdw0XcMvyge27ziNPCoyPL3UjSJhXKEdTiOXYcxi&itag=251&source=youtube&requiressl=yes&mh=-O&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=720000&vprv=1&mime=audio%2Fwebm&ns=LQ6zblIYc5HDkiA7ng_2dIEG&gir=yes&clen=2282436&dur=135.001&lmt=1630411430032838&mt=1630556217&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=zFVu1mhngHqr9g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNfrUaU61bYW85L1fc6KeIV4QKXltNEDrDPO81iMKu7AiEArwxCSAu6HkV1P7mbsnVCrBEbHO6usMc1XiPAmQiUA-k%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgb5uFAPE2-aMqk75XEFEfkF5FsECydaEzKtkfCMCSmEMCIQDiLNVPodb4PjDYL6nghhsmgnBAiai89yHiL-vRn2Cpaw%3D%3D&alr=yes&cpn=wrDHxkLtX3hUX_VL&cver=1.20210831.1.0&range=0-66036&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5554116106096d6371c08f3a6e4442b94c0cb9730a0d7844f391005756b4e89f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:22:55 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66037
Last-Modified: Tue, 31 Aug 2021 12:03:50 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 0AC5 95 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

459f3786cd68cd5d072e7249ba5f8305d8a11e820096dcee12fb58335df6cd68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 53169
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29752
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:36:46 GMT

GET
H3-29 200 captions.js Show response
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 0AC5 63 KB
24 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f97d02525a38cc923b319b5993095b4c228af1129424019842b8e4ee21909d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 53169
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24298
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:36:46 GMT

GET
H3-29 200 endscreen.js Show response
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 0AC5 26 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946c3ee5014d1f574766958a0c639f1d660994b513b8d5ff6f4e41007d0d20cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 53169
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7193
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:36:46 GMT

GET
H3-29 200 annotations_module.js Show response
www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/ Frame 0AC5 66 KB
19 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e862eb19d586a0e5acb863840506a8afe03f9920d58f809e2c77291b446d08f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 00:26:37 GMT
server: sffe
age: 53169
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19736
x-xss-protection: 0
expires: Thu, 01 Sep 2022 13:36:46 GMT

POST
H3-29 200 next Show response
www.youtube.com/youtubei/v1/ Frame 0AC5 28 KB
3 KB 138ms
137ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b0bfe190a2edac627963ad95cc095591ba39e23fab1e08989e900a1820c95da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210831.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id: CgtvaWJlbVFjdWdHMCifo8GJBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2974
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H2 200 hqdefault.webp
i.ytimg.com/vi_webp/Rdbvh8ZZ_QM/ Frame 0AC5 36 KB
37 KB 108ms
88ms Image
image/webp 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Rdbvh8ZZ_QM/hqdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31cb98685888a4612802e9a3948a213e8da53f1c303fa03df1ef51b600121a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
x-content-type-options: nosniff
server: sffe
etag: "1630406373"
vary: Origin
content-type: image/webp
cache-control: public, max-age=300
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37336
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:27:55 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 0AC5 0
9 B 9ms
8ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?lo2ruw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C864 22 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com
URL: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 12:05:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C864 138 KB
49 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com
URL: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

612647c2fb32d3b89f1e498f78af6dfb5bff4046ce9319736f3dd5983cc5db15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49554
x-xss-protection: 0
server: cafe
etag: 14525539404271885986
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C864 122 KB
37 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com
URL: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame 0AC5 64 KB
64 KB 17ms
9ms XHR
audio/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1630578175&ei=n1EwYcPyI8SH6dsPu_ae4AY&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AAEqxdw0XcMvyge27ziNPCoyPL3UjSJhXKEdTiOXYcxi&itag=251&source=youtube&requiressl=yes&mh=-O&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=720000&vprv=1&mime=audio%2Fwebm&ns=LQ6zblIYc5HDkiA7ng_2dIEG&gir=yes&clen=2282436&dur=135.001&lmt=1630411430032838&mt=1630556217&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=zFVu1mhngHqr9g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNfrUaU61bYW85L1fc6KeIV4QKXltNEDrDPO81iMKu7AiEArwxCSAu6HkV1P7mbsnVCrBEbHO6usMc1XiPAmQiUA-k%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgb5uFAPE2-aMqk75XEFEfkF5FsECydaEzKtkfCMCSmEMCIQDiLNVPodb4PjDYL6nghhsmgnBAiai89yHiL-vRn2Cpaw%3D%3D&alr=yes&cpn=wrDHxkLtX3hUX_VL&cver=1.20210831.1.0&range=66037-131755&rn=3&rbuf=3644

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e4077c5980ba57947a6b5ecfcdae5e5ce8d41ca48af6c5ccca165df2d696fae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65719
client-protocol: quic
last-modified: Tue, 31 Aug 2021 12:03:50 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H2 200 featured_channel.jpg
i.ytimg.com/an/IWvXyOKbnFWNBlVMDEa8gA/ Frame 0AC5 8 KB
8 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/IWvXyOKbnFWNBlVMDEa8gA/featured_channel.jpg?v=60f1a0d3

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

847f653a15d7252787f8b7aa9c652d0de814f222e62681efa2afc599c422119d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:03:24 GMT
x-content-type-options: nosniff
server: sffe
age: 1171
etag: "1626448083"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7721
x-xss-protection: 0
expires: Thu, 02 Sep 2021 06:03:24 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0AC5 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame 0AC5 128 KB
128 KB 7ms
6ms XHR
video/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5951b10d91068f967a01d1fb6a99d5e847ea6df9540cf2db29e95cc059e854a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131553
client-protocol: quic
last-modified: Tue, 31 Aug 2021 12:03:42 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C864 0
0 21ms
17ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvo6xdpqY-Dm34BUTK1rHxxIZ70wVMwRcBL_DFu30og1NfIAZF_afI2a26W-WqTQUAUTyYu81YoM-nYqLg7NDBKMrGM26roFK4zMJtXAMtvhadipjuzK9ttW3ELKmBwRicTSPluulyuUPPRfrUyuF5aBteVA22qor55_ylzDL6GGaZMM5FMEuF1zaWVcRxmk12ggEc7oukCc44S6YlPJlADgZETpPSPFVxX2ZMPIv4KTJjxjN6FqOeMkVWilLkqQbz0DuBeppDVZ2pVgVX-b9cL3g2wxUAcatFZbMRlG5QphwReRGXLzI860o09GlavpDkn8qMnAnDMNaofh1iaK3foTazwYTRzW1Yokf-3&sai=AMfl-YS-cwVFtY7eVwTM7CXZ8mQ6xSKIa8vv8JgmLtNCffw3ZKUuv73LHzfPPTC-2ycWoWNooDe8sveIom-K2he5VOMa0y-e35TY6OG7jUmsA-uOODQcuGX_pe5ppayWEtA&sig=Cg0ArKJSzMXWTzjD1RGQEAE&urlfix=1&adurl=

Requested by

Host: 4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com
URL: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 04:22:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame C864 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1efb44c7f3ab89cd2b93dc50f1ceb8a050aa765b6c214297a04dc9890373151d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame 0AC5 129 KB
129 KB 8ms
6ms XHR
audio/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1630578175&ei=n1EwYcPyI8SH6dsPu_ae4AY&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AAEqxdw0XcMvyge27ziNPCoyPL3UjSJhXKEdTiOXYcxi&itag=251&source=youtube&requiressl=yes&mh=-O&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=720000&vprv=1&mime=audio%2Fwebm&ns=LQ6zblIYc5HDkiA7ng_2dIEG&gir=yes&clen=2282436&dur=135.001&lmt=1630411430032838&mt=1630556217&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=zFVu1mhngHqr9g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNfrUaU61bYW85L1fc6KeIV4QKXltNEDrDPO81iMKu7AiEArwxCSAu6HkV1P7mbsnVCrBEbHO6usMc1XiPAmQiUA-k%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgb5uFAPE2-aMqk75XEFEfkF5FsECydaEzKtkfCMCSmEMCIQDiLNVPodb4PjDYL6nghhsmgnBAiai89yHiL-vRn2Cpaw%3D%3D&alr=yes&cpn=wrDHxkLtX3hUX_VL&cver=1.20210831.1.0&range=131756-263376&rn=5&rbuf=7298

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

792ffd02749f189f256ca4698d32823097135956c4148884d59271014533061a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131621
client-protocol: quic
last-modified: Tue, 31 Aug 2021 12:03:50 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/ Frame C864 250 KB
93 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1484960083787745&plah=4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95226
x-xss-protection: 0
server: cafe
etag: 17201458395757084847
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 04:22:55 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/ Frame BCB2 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210830/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlm1FQISkR2wiaKj_2Q9_hokzIFP5p2VBydNdgZnU0vTOd9_aM31kf8Z1Nz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 01 Sep 2021 23:25:20 GMT
expires: Wed, 15 Sep 2021 23:25:20 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 17855
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame C864 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1484960083787745&plah=4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 04:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C864 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 04:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC74 80 KB
28 KB 311ms
311ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1484960083787745&output=html&h=200&slotname=3918097544&adk=371893716&adf=3173046727&pi=t.ma~as.3918097544&w=300&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.jurnas.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630556575954&bpp=4&bdt=182&idt=67&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=829063878181&frm=24&ife=3&pv=2&ga_vid=738650333.1630556576&ga_sid=1630556576&ga_hid=352993136&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2280819497&scr_x=-12245933&scr_y=-12245933&eid=44747620%2C182982000%2C31062370%2C31062297%2C31062094&oid=2&pvsid=4035031339210757&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.c0346lj8s8vd&fsb=1&dtd=81

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4a140c82c70e4e45f0e2b4d4379216873dbbf3de954830e233f72197ff971b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1484960083787745&output=html&h=200&slotname=3918097544&adk=371893716&adf=3173046727&pi=t.ma~as.3918097544&w=300&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.jurnas.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630556575954&bpp=4&bdt=182&idt=67&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=829063878181&frm=24&ife=3&pv=2&ga_vid=738650333.1630556576&ga_sid=1630556576&ga_hid=352993136&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2280819497&scr_x=-12245933&scr_y=-12245933&eid=44747620%2C182982000%2C31062370%2C31062297%2C31062094&oid=2&pvsid=4035031339210757&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.c0346lj8s8vd&fsb=1&dtd=81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlm1FQISkR2wiaKj_2Q9_hokzIFP5p2VBydNdgZnU0vTOd9_aM31kf8Z1Nz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Sep 2021 04:22:56 GMT
server: cafe
content-length: 28863
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C864 72 KB
27 KB 204ms
203ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:56 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame CC74 6 KB
669 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1484960083787745&output=html&h=200&slotname=3918097544&adk=371893716&adf=3173046727&pi=t.ma~as.3918097544&w=300&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.jurnas.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630556575954&bpp=4&bdt=182&idt=67&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=829063878181&frm=24&ife=3&pv=2&ga_vid=738650333.1630556576&ga_sid=1630556576&ga_hid=352993136&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2280819497&scr_x=-12245933&scr_y=-12245933&eid=44747620%2C182982000%2C31062370%2C31062297%2C31062094&oid=2&pvsid=4035031339210757&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.c0346lj8s8vd&fsb=1&dtd=81

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 03:25:51 GMT
server: ESF
date: Thu, 02 Sep 2021 04:22:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Sep 2021 04:22:56 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame CC74 1 KB
857 B 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 04:05:36 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame CC74 18 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 04:06:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame CC74 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 04:12:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC74 122 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame CC74 14 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 04:12:49 GMT

GET
H3-29 200 bf370751b3c301aa27eddd739f5e1f7e.js Show response
www.gstatic.com/mysidia/ Frame CC74 26 KB
11 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bf370751b3c301aa27eddd739f5e1f7e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 06:33:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 10:32:56 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16779858945420151801/ Frame CC74 13 KB
13 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16779858945420151801/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6af47ea654434f9ef4ec2a3040780b8bca8b4f34bec85a0242a207251546bbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 14:07:11 GMT
x-content-type-options: nosniff
age: 396945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13073
x-xss-protection: 0
last-modified: Wed, 28 Aug 2019 08:02:05 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 14:07:11 GMT

GET
DATA 200
OK truncated
/ Frame CC74 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CC74 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcSaaoFEwYbOZA4O-3gOrxbv4BNz5vrpjl4eN_twOr57w8JkkEAEgotHkPGCVAqABguLS1gPIAQmpAu6r0YGC3bM-qAMByAPLBKoEtAFP0O3Ouyhjg1lLMR15W2_rsE3EkYnqiPcRjiPD_hcYOwkgBe90q61MFPWsMbe1cSJuoJqgjxYHRvaHlgXaGzRNztBDh1Uo7muP4oaBkNEPX8Vdstp8rpf1o85QI426qb6JH4VSgE-3CUI7FweR4LH9h9nY2ns-3JqyzCVoEiwkebyyTl90OxgGsWEurATDQLagl1HJMyZCgR_tAwgi6lNvt8wvUFYL_Dy23qqh1qRMMtGWEz3ABOyTgMjOA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfmna0pqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBDgnwLSCAkIgOGAEBABGB-ACgHICwHYEw2IFATQFQGYFgGAFwGyFxwKGggAEhRwdWItMTQ4NDk2MDA4Mzc4Nzc0NRgA&sigh=rFRS-mE5M3s&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1484960083787745&output=html&h=200&slotname=3918097544&adk=371893716&adf=3173046727&pi=t.ma~as.3918097544&w=300&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.jurnas.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630556575954&bpp=4&bdt=182&idt=67&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=829063878181&frm=24&ife=3&pv=2&ga_vid=738650333.1630556576&ga_sid=1630556576&ga_hid=352993136&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2280819497&scr_x=-12245933&scr_y=-12245933&eid=44747620%2C182982000%2C31062370%2C31062297%2C31062094&oid=2&pvsid=4035031339210757&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.c0346lj8s8vd&fsb=1&dtd=81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 02 Sep 2021 04:22:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F936 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 01 Sep 2021 13:41:14 GMT
expires: Thu, 02 Sep 2021 13:41:14 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 52902
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CC74 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bc5c72180b3cd1e2933496c7b9dae569b72e2cf80745a31da7cff1674b2f099

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame CC74 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 07:18:45 GMT
x-content-type-options: nosniff
age: 507851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 07:18:45 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame CC74 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:32:47 GMT
x-content-type-options: nosniff
age: 388209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:32:47 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F936 35 B
463 B 30ms
10ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEML8pSo8dMeWylpX4AoF1UY&google_cver=1&google_push=AYg5qPIhl4u8pzx9ack26T3by2UE5z7uepJ0dYBaBV4wT2lWu6TS6mZn9z-AKZ7_OMnuwUOIDvVaC5KLLy9dxT25phGvY-itCQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F936
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEMEBlWlDVFqAVEH6RwViOvg&google_cver=1&google_push=AYg5qPLAeOqRlW4VGR30NVJ8LicHpnLu34v7qLGoTWnoAZ3fco9iyiYUU7tvMiKMieeNY0Wzmcdr1J6CYNpN7P-KbxzNfyJbHto
https://rtb.openx.net/sync/dds?google_gid=CAESEMEBlWlDVFqAVEH6RwViOvg&google_cver=1&google_push=AYg5qPLAeOqRlW4VGR30NVJ8LicHpnLu34v7qLGoTWnoAZ3fco9iyiYUU7tvMiKMieeNY0Wzmcdr1J6CYNpN7P-KbxzNfyJbHto&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLAeOqRlW4VGR30NVJ8LicHpnLu34v7qLGoTWnoAZ3fco9iyiYUU7tvMiKMieeNY0Wzmcdr1J6CYNpN7P-KbxzNfyJbHto&google_hm=rpL2fkZIyAAzOiK8WIPNBA==

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLAeOqRlW4VGR30NVJ8LicHpnLu34v7qLGoTWnoAZ3fco9iyiYUU7tvMiKMieeNY0Wzmcdr1J6CYNpN7P-KbxzNfyJbHto&google_hm=rpL2fkZIyAAzOiK8WIPNBA==

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:55 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLAeOqRlW4VGR30NVJ8LicHpnLu34v7qLGoTWnoAZ3fco9iyiYUU7tvMiKMieeNY0Wzmcdr1J6CYNpN7P-KbxzNfyJbHto&google_hm=rpL2fkZIyAAzOiK8WIPNBA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-request-id: hfvku545u5fbqccps36mfbm5afld8nkr

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F936
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6BsJ1K18TVaS_ye-QmoPWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6BsJ1K18TVaS_ye-QmoPWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ41LnzZ9pwBuW1LRPL-dlmDJSEZpx0TQLF5xjWc_UreeBfn8-teriQRnt2C4mqwb1VtyZfCrjp51agXRmZ-0xWfoBIn2I

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6BsJ1K18TVaS_ye-QmoPWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ41LnzZ9pwBuW1LRPL-dlmDJSEZpx0TQLF5xjWc_UreeBfn8-teriQRnt2C4mqwb1VtyZfCrjp51agXRmZ-0xWfoBIn2I
date: Thu, 02 Sep 2021 04:22:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F936
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFmtY_hwHr4zdD9T7pWCDNQ&google_cver=1&google_push=AYg5qPL5EwfIh9y9y-O3ATRRmY9M1bsfiaSqwY2xoXssU8OQnOhKAMeczhnNBLm-Vrak6RgNU-R...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QyRkFBS0ItWC1GRkhX&google_push=AYg5qPL5EwfIh9y9y-O3ATRRmY9M1bsfiaSqwY2xoXssU8OQnOhKAMeczhnNBLm-Vrak6RgNU-R_wqt0ctNbr263d-dprm_M2Q

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QyRkFBS0ItWC1GRkhX&google_push=AYg5qPL5EwfIh9y9y-O3ATRRmY9M1bsfiaSqwY2xoXssU8OQnOhKAMeczhnNBLm-Vrak6RgNU-R_wqt0ctNbr263d-dprm_M2Q

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QyRkFBS0ItWC1GRkhX&google_push=AYg5qPL5EwfIh9y9y-O3ATRRmY9M1bsfiaSqwY2xoXssU8OQnOhKAMeczhnNBLm-Vrak6RgNU-R_wqt0ctNbr263d-dprm_M2Q
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame F936
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYL...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame F936 43 B
296 B 61ms
17ms Image
image/gif 2a05:d01c:1d8:8100:5262:f748:a686:7ff3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAGa5xiWgHXHnBZQHri0-IE&google_cver=1&google_push=AYg5qPKl5TIaGfACWUHf1AoMBi8KsEH5IPT3d9fqf_JI8vpDJpu0JUJh2rsh2bwmjRIhO0tyXEULNzuuHaVcs9Bu-c3vMWQf4Lc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1484960083787745&output=html&h=200&slotname=3918097544&adk=371893716&adf=3173046727&pi=t.ma~as.3918097544&w=300&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.jurnas.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630556575954&bpp=4&bdt=182&idt=67&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=829063878181&frm=24&ife=3&pv=2&ga_vid=738650333.1630556576&ga_sid=1630556576&ga_hid=352993136&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2280819497&scr_x=-12245933&scr_y=-12245933&eid=44747620%2C182982000%2C31062370%2C31062297%2C31062094&oid=2&pvsid=4035031339210757&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.c0346lj8s8vd&fsb=1&dtd=81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:5262:f748:a686:7ff3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:56 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F936
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKi_RxZ7-dIEHvJAR20qT7Y&google_cver=1&google_push=AYg5qPJ2wscx6OrjVC-jBrUt...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ2wscx6OrjVC-jBrUtEQIcu6YADOo4EqXKZXBiz_X58swo6DLPZgLg6q7ZXwq-N3gL7aVoMzuVhYRaPOL1TjYkBjtup_-e&google_hm=

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ2wscx6OrjVC-jBrUtEQIcu6YADOo4EqXKZXBiz_X58swo6DLPZgLg6q7ZXwq-N3gL7aVoMzuVhYRaPOL1TjYkBjtup_-e&google_hm=

Requested by

Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:56 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ2wscx6OrjVC-jBrUtEQIcu6YADOo4EqXKZXBiz_X58swo6DLPZgLg6q7ZXwq-N3gL7aVoMzuVhYRaPOL1TjYkBjtup_-e&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 01 Sep 2021 04:22:56 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F936 0
253 B 43ms
15ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_W5BolDSIbUJdsWNfC-9fK2UHiicILje9DzhLdJR_N0NXGGTl0J0hl1x8LnQNkx--nLG7EQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C864 0
0 19ms
18ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUO8jwVf05hZwhEL7a-PDxoY9C8CxJHLuDdydN-z281JQM-PqYyHZ2G-HAwnIovQLrcfQD-CxBARRXZp_T5onLDAnBkFeTGTIULtocw0K37QjRLma4Kib9XdexkFsRG8YRgZ-h13pKEsZl3bsvNPvgYaSlbUb90NRVtT01eUc3ABM1Nwf7YAKRvxzjVrKOJtxXeWqG41TGL9qnUbdbK1Zx2UU6nbjoDZsjeeaYUE9TX7JKYOHxu2UBI3zc1Zr2HwESk0enwPMmnH_6HbxUCoIQ3JBqV8LSrUQj5M8VtgS8IAeUPGvwpphidPMdvwUSSVio0RO-kDtIwnmN4DeWgg6wh5bK369yOEXoUFx8I1g&sai=AMfl-YTqTgEApF4Oi7VMo1cIAUIfPTrM8ZWoixBmDesAgeCZJjWSm1jlDojYhVvJ-HxjUBW_9fG7ibJFcDq1Q4VYrrS_f2qWDzVmwTOgrPcJdtaqKPKCqNINa0yC2VQaJY8&sig=Cg0ArKJSzDcsPRvtVcfzEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 04:22:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 02 Sep 2021 04:22:56 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C864 11 KB
8 KB 28ms
28ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210830&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da15c5b94b48a0cc3d4ce15bcd53b58bdeef74930d51f7238e5249f26daae60a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 04:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8550
x-xss-protection: 0

GET
H3-29 200 WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C2E 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:35:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13351
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:35:16 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C864 17 KB
6 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:56 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A506 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 21:59:47 GMT
expires: Thu, 01 Sep 2022 21:59:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7D6B 783 B
535 B 18ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

acb5f9465858eb9d0a68f0811d3d88e539b8dbe4139c64546faf0f20ba64083e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A5CwPqWcdBU3yOa7Z3otYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 02 Sep 2021 04:22:56 GMT
date: Thu, 02 Sep 2021 04:22:56 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-A5CwPqWcdBU3yOa7Z3otYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame A506 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 19:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 19:44:00 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C864 0
0 27ms
26ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210830&jk=4035031339210757&bg=!ERKlElbNAAZOkH6FTpA7ACkAdvg8WmMJ3I44Hvhcnb20ZXrdLuAWq6AllgX7JM0PfMHwqBiktSjWMwIAAABIUgAAAAxoAQeZArnq0_yNCjf34OuWeDDcIj5B3fynX2uuMQ5pUNXMRd9uBeYD1meYDU3og2kKNrO-ViL4lN4yEw2heOBCdcOioddxGpmYro3i_jMzDBlhAppuDDLhm_I8UYwk0oFyNvCzLs1_Wj1vDk3CxFCT2rc3Oq-nHBrEoDMoFdwO-7qJAx6tH7t931ST6TgW532oaFlLDih2C9mXWjFeLsmNTo6ImFPQsqd2060twL7k0-yqW3OhGKSWN48UpvB_S8A2k2DT-CvjOFr2kPhIuXOInJheB57blI4YUxUpNPeIhrEruh2032XISAGC9h-kwwZuipuFFr1KUMXNxgceZ4v7aAmN0hpLzrWH09uq-5GCwtObV_ZwkC95_v-tc56rZtxm_bHUvV6s5NFU5xc59ohd_8iOLNZ506EdnTM_FhjuqM_J2IpYwuLhMHf-NN6tRe5rvvXENap5wGhsYSujjby797HatfUL-Zz1py39HtcedkktE1jdtRZ9oLjSWihKGZt_Iv1fzAZF1Kis5KYSY50QwLjZYpVfS6B_XTgcWT3N8WVKY0ZV6ekjMW8gIzK45SH10JFC-T0Pi1NEc3BzIXyhvfIXBG_2oB8a8YQbCksL3-A9aMd8TDTAQwp4Ji2JNZRScQuj7KDdRBitdHrl3b3k44e9dYzwcwLEao7DprygcG8u92-RqeOf32651G4r_3Ji6gVQx58LOmXIfF12XW8xh1KO6NS009w3KpFv2gS1xNpCBZ7oQ8_iQoOUtgrdkUjSiqBxvvJUg_nbOqFRIwDerwN7soKk07Yx-ApURByrazP5bbklXcsGjQZB9spVTDr4ghj3YAFMgls5E-Axns7SxqZjNKgr8Hg7DDn46ndOkUDJNF_2_UaSKNPuHXWFQ_6eBDdGE3hzC8Fd8448OuzxaEiNJnxedIrMRsuC0Ko3
Requested by: Host: www.jurnas.com
URL: https://www.jurnas.com/artikel/36298/Spencer-Tunick-Diizinkan-Sesi-Foto-Telanjang-di-Australia/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021083001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a5c35e55389a7e1e2d3dcc726b60ad2c3ecaa7f299f53e1e3c615e3417a756c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 04:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8448
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:57 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame 0AC5 514 KB
514 KB 7ms
7ms XHR
video/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5a327829353042180c600cdd1e5718ebb70c8cf8efbcea0b127dd9fe09b4bf01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:22:57 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 526462
client-protocol: quic
last-modified: Tue, 31 Aug 2021 12:03:42 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 02 Sep 2021 04:22:57 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FF5B 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jurnas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jurnas.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 21:59:47 GMT
expires: Thu, 01 Sep 2022 21:59:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9C1F 783 B
531 B 15ms
14ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

60ce8fb14c064f0a98b6611f4ba10aafebf0d3e73b3625703b52973c40865420

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EMWZUPM7yw8lwlT69dbspg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jurnas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jurnas.com/

Response headers

expires: Thu, 02 Sep 2021 04:22:57 GMT
date: Thu, 02 Sep 2021 04:22:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-EMWZUPM7yw8lwlT69dbspg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame FF5B 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 19:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 19:44:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 24ms
23ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021083001&jk=4379723158027989&bg=!ubqluv7NAAZOkH6FTpA7ACkAdvg8WgfAFYWBl9KNMy5kZnh8eTE1tyeehKRTKz3KWn0BW7ukzNN38wIAAABSUgAAAAxoAQcKAJlJenU10B4-hItLAvkzt1QRKFuZvZjVZmlXIlmufKgh9DlWZhC-OlWiv0bnV1UDqFhGTk2Px2GvQLKTUoFu2Vo_Vl8AGlWsC1hSwAFgqsIdqgorqeJFytaJP_uuGzAPibwLOpLBNB3M0Z2uVpOxkhnRWcQxW0HeconOCqJNsXG_qQLBuHkLww554LYwgG5Z0DwX4-qvuj886haZAnHGJauklnX1OZh706L3rxqnZUtUwK68P4CElz_vUSg9QrxDf6VhgTSva-dsRggdlTiuwk5HtDasIhBWeT4gvT6ErOBrdQsxARVy4kaw0iDrewnvC_CvIBvgxF2lOdM60I5cgWb2O7lMCxdTD5iXeGOk8JYjT2nAZ7NFjkaB-6HMO89y65VTQzgG_02fmhu6LgTSz9kPlAeApFwHApLaBYeoorYvi8wNzg-bGEXGcNfgcCIrp67hYIOdQsK8PpAFLlZdJs2W2_i8oRqMEp_rVPZabmric2G3mSKbPTqwmU8gM-0fMQLXo5feh426TMwLpDY5iJY3unU8BOoH5_AZJP5lbhL_lSKMXVzolFdflqWCVx20UpxO2YATqovXKGLlKZHQEw4YiZFAgRlXxH8taRxnJcSJgglOESQaeMHYEf0-6qk6QIOB2ah8jHKsPDABfX7TwOr7Yv80XywV6diIGucSpNR6haLXeqRoCYhyv9jWzdSjZ7dwd0uOQ2fE06XN5beiKAZTw8duSETG2YYvpuM4pSUdGamNWYAgYBpiJyajF13oXVEe-3mmLHc9Od7iGcWuG4q3XWew5eBudV7XOCISjjpN29ZTQm2Y_divUKwAn0EG8mg3rGrZjXkYoFXRvV4reCNKYaRww-J4g1gEAssLmc8fhng0R9wj1e_dnl7Hcw4k965BIUHmdtHa8bxg5pJslS_g0QuMZOV99XI2B5cjCwQJi2G3zI9JX1Owqo3YHWeRghF6K9eb8Uz_x9gzMjC-7_-AFL0a4ND0UehO2Zfy57b1zmB3z1FfpNON_OBiB9_mRDzGVzxa6iLP-if0nk3v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jurnas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CC74 42 B
64 B 21ms
21ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuA-SNQVvxbKhLgQ6FpwqRblXIy8ya6Y0OBdV0lo0kQG5rhsrHb6sLQXZ8kMKvfbCtG06IHVpAou0VnFwLFgjo99PY1NX9Ve1U6XxjnE59SmXLRR658faA26p-1Sg&sai=AMfl-YTbO9-dqrxyH58etaeppxtTLEczwDQ_f4721k0iHF9E4X_tQYdSd_FoPvDajySXS7TeaeCi-kVEEC5u4YjK2Qx0wE7WuadQa_o&sig=Cg0ArKJSzFUVTn6IvK-MEAE&cid=CAASF-RoRs_WSu-iqTl1QW_FYaToPsTbnmrM&id=lidar2&mcvt=1000&p=0,0,200,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&app=0&itpl=22&adk=371893716&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630556576036&rpt=403&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C864 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuq2bRAyEKhzt0diS8jhZshUtyEltKP0IWQz6FGwcgzS80tIGUD8ije1EaFVQE7YR5vG5ZA1vmlIWTe501s_zMsY31UHkLKjjrblFB_Otvydgardsml&sig=Cg0ArKJSzB8F4L-JjqmMEAE&id=lidar2&mcvt=1002&p=1045,190,1245,490&asp=1045,190,1245,490&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&app=0&itpl=19&adk=217910214&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630556575727&rpt=717&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:22:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0AC5 28 B
299 B 23ms
23ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
X-YouTube-Client-Version: 1.20210831.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtvaWJlbVFjdWdHMCifo8GJBg%3D%3D
X-YouTube-Ad-Signals: dt=1630556575352&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C670%2C400&vis=1&wgl=true&ca_type=image&bid=ANyPxKoDDjZ0aqbucuHVCcMzemaQZL8k7K8q3EgqRqmfw7M1utM45EKmzzSMKMqBuWDuidzVGbzowBUV9aO8A6eF123X6tm69w

Response headers

date: Thu, 02 Sep 2021 04:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 02 Sep 2021 04:22:57 GMT

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame 0AC5 0
117 B 14ms
14ms Ping
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=wrDHxkLtX3hUX_VL&ei=n1EwYcPyI8SH6dsPu_ae4AY&el=embedded&docid=Rdbvh8ZZ_QM&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24067673%2C24080738%2C24082661&cl=394097881&seq=2&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210831.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.239:0.000,10.008:0.000&vps=0.239:N&ctmp=dompaused:t.240;promise;m.NotAllowedError,mclatency:t.364;131&bwm=10.008:1026831:0.354&bwe=10.008:1927238&bat=10.008:1:1&bh=10.008:14.381&df=10.008:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Rdbvh8ZZ_QM?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 04:23:05 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame 0AC5 259 KB
260 KB 7ms
6ms XHR
audio/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1630578175&ei=n1EwYcPyI8SH6dsPu_ae4AY&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AAEqxdw0XcMvyge27ziNPCoyPL3UjSJhXKEdTiOXYcxi&itag=251&source=youtube&requiressl=yes&mh=-O&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=720000&vprv=1&mime=audio%2Fwebm&ns=LQ6zblIYc5HDkiA7ng_2dIEG&gir=yes&clen=2282436&dur=135.001&lmt=1630411430032838&mt=1630556217&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=zFVu1mhngHqr9g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNfrUaU61bYW85L1fc6KeIV4QKXltNEDrDPO81iMKu7AiEArwxCSAu6HkV1P7mbsnVCrBEbHO6usMc1XiPAmQiUA-k%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgb5uFAPE2-aMqk75XEFEfkF5FsECydaEzKtkfCMCSmEMCIQDiLNVPodb4PjDYL6nghhsmgnBAiai89yHiL-vRn2Cpaw%3D%3D&alr=yes&cpn=wrDHxkLtX3hUX_VL&cver=1.20210831.1.0&range=263377-528317&rn=7&rbuf=14690

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f5eab513/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

78368fb9d15950f4861161a44324694af94684458ecb4b437ac5598b0d0fe2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 04:23:05 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 264941
Last-Modified: Tue, 31 Aug 2021 12:03:50 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21290
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 02 Sep 2021 04:23:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTBRoGQ31UgGRFKNuMiJsAAABJ8AAAIB&google_cver=1&google_gid=CAESEKO5lIizsRCtgUcJeq5L1zI&google_push=AYg5qPLCc6nq87xJU4L-KG2ghDlb_TW2DBYYLsZJs5wP0rYrH16FYf93Fz26s2mjnZq0LDQh6DZNA-wFpmzPAXE7dBNzSdk6mYU

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-20 01:15:08	Name: VISITOR_INFO1_LIVE Value: oibemQcugG0
.doubleclick.net/	1970-01-20 06:17:32	Name: IDE Value: AHWqTUlm1FQISkR2wiaKj_2Q9_hokzIFP5p2VBydNdgZnU0vTOd9_aM31kf8Z1Nz
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EfaUnOcOdbc
.jurnas.com/	1970-01-20 06:17:32	Name: __gads Value: ID=0f2896607d0639bc-22a9ea27ecc80087:T=1630556575:S=ALNI_MYXZJlV_T-zqM3dRu6e0CFeNY2iEw
.jurnas.com/	1970-01-20 05:42:58	Name: __auc Value: 195a3ffe17ba4bed5d59ad16a53
.jurnas.com/	1970-01-19 20:55:58	Name: __asc Value: 195a3ffe17ba4bed5d59ad16a53
www.jurnas.com/	1970-01-19 20:55:58	Name: __atuvs Value: 6130519f72ef3863000
.jurnas.com/	1970-01-19 20:57:22	Name: _gid Value: GA1.2.154528883.1630556575
www.jurnas.com/	1970-01-20 06:24:44	Name: __atuvc Value: 1%7C35
.jurnas.com/	1970-01-19 20:55:56	Name: _gat Value: 1
.jurnas.com/	1970-01-20 14:27:08	Name: _ga Value: GA1.2.372505599.1630556575

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6) Message: [GPT] Div ID passed to googletag.display() does not match any defined slots: div-gpt-ad-1568950971497-0.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c9766febc1e2d46c71c50440b0f0ab9.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ag.innovid.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
ct5.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.ytimg.com
i3.ytimg.com
image6.pubmatic.com
images.jurnas.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
platform.twitter.com
r5---sn-4g5e6ns6.googlevideo.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.openx.net
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.jurnas.com
www.youtube.com
xms.jurnas.com
yt3.ggpht.com
z.moatads.com
cm.g.doubleclick.net
104.244.42.136
104.84.232.122
142.250.181.226
142.250.185.194
18.66.112.71
18.66.97.14
185.64.190.78
2.18.235.40
217.182.200.29
2606:2800:234:59:254c:406:2366:268c
2606:4700:3036::ac43:8a96
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:60::a
2a00:1450:4001:803::2016
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9b
2a05:d01c:1d8:8100:5262:f748:a686:7ff3
35.227.252.103
45.76.154.30
54.187.141.46
69.173.144.165
0106d543a57c4bac832893ebf9e07119e9e972e44a67200314ab1ff730bc6e78
0177b886d0f40b79ec68428efe2439ad3ac0eab78b9443713884ce0e40c803f0
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
04c7a288a994da8749f2c19355f04673f0a322b528f3370650cf4e50355a4bf9
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0a5c35e55389a7e1e2d3dcc726b60ad2c3ecaa7f299f53e1e3c615e3417a756c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1030a3d3d3dbf295231d7205252fcf7c1a442d394d9d438f52a8a5c4cd2424b0
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
1544724c5f024121775d4f8b55cce6e88e93402d62be60b36cce340dc81790de
1b0bfe190a2edac627963ad95cc095591ba39e23fab1e08989e900a1820c95da
1bc5c72180b3cd1e2933496c7b9dae569b72e2cf80745a31da7cff1674b2f099
1efb44c7f3ab89cd2b93dc50f1ceb8a050aa765b6c214297a04dc9890373151d
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
2540d3d4f62400798731c24558893081504584406c29440783e2ad8ddd673bd6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28534ed8132da49d3499ee32b04a91b6ad05041969e981bd2da8f665081fb4eb
31b748baea7e4b18f7b8a2ce6f2539dd242e34c887988fafee8a00950d089545
31cb98685888a4612802e9a3948a213e8da53f1c303fa03df1ef51b600121a6e
31f5401d6d4213b40bbb2793641bf6fc0d8439867531abbd10cdcb847495ab14
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
374fb16c4a4f9765f9e027a5e8e2e7e3ad8836d504229596a8ae6bfc6c805dd2
3af6b61a65e26e4db149bd61736f133fddf0799b32d33607f46812a4f2380da2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f325e24c166e2a6528f38260f4df71535df12828ef2ce9766673930a5a9562c
423543478f8a90ffc7485aee626c6845eada6453ec76daecc1c83f1842876c24
454552f06934bf318852c700126d15d50cac7e9db95a1f585bdbbbc1d7922122
459f3786cd68cd5d072e7249ba5f8305d8a11e820096dcee12fb58335df6cd68
46ac864eaef04f0b4124dd8bda16a352d8287c4a9a8fa66bba86f5def26b3037
46adbd76d29e2f424e4a819e309cc8a9e9ae1f7ea908ecddf81fda65bf0b74ce
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
485a5a81780bc63df0a4c33c0cbd6a31bf934217f10fbfec68372de0551931da
4c4b1879ca626633c87773b9fbadeda3cdb8a6002a689ad80cd83401755f702d
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5554116106096d6371c08f3a6e4442b94c0cb9730a0d7844f391005756b4e89f
57d0a0866681113ad01e5870d69ced67f4454ed4ca50ac666745e4acc315c294
5951b10d91068f967a01d1fb6a99d5e847ea6df9540cf2db29e95cc059e854a8
5a327829353042180c600cdd1e5718ebb70c8cf8efbcea0b127dd9fe09b4bf01
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
60ce8fb14c064f0a98b6611f4ba10aafebf0d3e73b3625703b52973c40865420
60eee4592b4b09e5c4344caed22c971b13bdd36319e3f0ff0437804246909851
612647c2fb32d3b89f1e498f78af6dfb5bff4046ce9319736f3dd5983cc5db15
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6358049afd72741aa455a3593160b5ae19c5843b3370e1f91527a97236c04010
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6af47ea654434f9ef4ec2a3040780b8bca8b4f34bec85a0242a207251546bbcb
6b9660ee92c6c5496fab8e3db01a3ce454085b362209911a0ea78d77fbf84d5d
6dda368449268f1c34088ef4f4cf223a351125efa19f43bcb247640b9c53a10b
6fe835c5594c209e3f5dda9b15e7908cf3bf65c42e857c76fb232b6e05939c98
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
746239df59bdd42446bcf29a5560390ad662a98155ad55c5c1cde20e88c45eb6
774831ac1b58bdee4c3cee5d151d4aee8568ca1d4aeee2ffd066875c8a717d4c
78368fb9d15950f4861161a44324694af94684458ecb4b437ac5598b0d0fe2be
789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd
792ffd02749f189f256ca4698d32823097135956c4148884d59271014533061a
793cf5b54acfd67f2055ecdfa793e41cb41b5f034b09ce21f72902a5c4dc0ef9
7971856b3f659f52ea41db855c792892317b7446e3a15e355dcbd4a65d21f007
7b1bd1fb0e572c56270a56e0e1fbb2a0818276f1490373aa21f2240a57339f67
7eb3626a290830aae333f8314c32e716f9fb45baeeb0dfa109ece42c2add3a48
847f653a15d7252787f8b7aa9c652d0de814f222e62681efa2afc599c422119d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c6d6b63dff86a7c901624e168d8031d9e8fd115692497b62ce5b2991443b6d3
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
91d5a3cfcf0c0332599c383b9ed73b0a82890934a70dd674ac95c84178cb3dc2
920d7952290e86cf7c0d3095d4ad3c2bcba502d5464bcabb51616fbefe84b3d4
946c3ee5014d1f574766958a0c639f1d660994b513b8d5ff6f4e41007d0d20cd
962a0cc20e899fba47dd519b61b5c303333f3df95bb43112de6ae8550e86dc25
983eb4c3dab55de9d9f9b999559805354669583f1fd395c2775d42fd40ce0d14
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d187a43ffdce44e1e37db7b4aae12e841a90af13239487f09c93ec3b96fbcc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f7dbd210415a53f4c8fa78e11b81cbd1c042bcba83a6140f0a80d1af412c50
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8070ef9daef25ec3260e1935207dca82b584a9dc527f82469849f1637702b5d
acb5f9465858eb9d0a68f0811d3d88e539b8dbe4139c64546faf0f20ba64083e
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1f469fd78034d396311f471dfa3928d5e14c9cce6036065c5ef815774cb8541
b548dccb39d7ba241a613cee6af10dd3b458f926013495886fcfc6466c078c85
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bac94619d34cd4bb09d86210cad50d23b6b9083ab2f382315d7c0e370fbff1ba
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7d3dec6d28f0f63a370a2d63562b6cdc44e88fe2a89d7f0e9b6dfd86d5e7486
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cca1f949acb5dbc9cf00e72c08ac3ee4fd790c20eea37848ea5b3e7389b603ff
d19034e0ad14cea988ce7735ad799283055200ff4171d0916ef2d7136ffde3ce
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da15c5b94b48a0cc3d4ce15bcd53b58bdeef74930d51f7238e5249f26daae60a
dbffb95506164bdf83e97725b035ea49b6516c30b91dad7c833ae9573e20b12f
ddc61750d03a0364ca8c12fd03fe150dc85f21a4a1d34570f80a6b44e5530192
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4077c5980ba57947a6b5ecfcdae5e5ce8d41ca48af6c5ccca165df2d696fae5
e4a140c82c70e4e45f0e2b4d4379216873dbbf3de954830e233f72197ff971b3
e5341db49bcc952e3cdaf78f8c46ff838c8cf265c0cff9100b33454fa65e57da
e862eb19d586a0e5acb863840506a8afe03f9920d58f809e2c77291b446d08f5
ed992c8ec0cf35c7a9a931cc098084d28f1d7fe16fd11d4a124471fd1b716334
ed9ed584aca24f9d35bdf0e772db7996d1ba856aa263c0c10f9bd998fd86c8c8
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8630eeb8023cb0e327dba351359f8c8f80ad619e1d2684d3c2a61c857e2a674
f97d02525a38cc923b319b5993095b4c228af1129424019842b8e4ee21909d3a
fb503ad3e5b210ff014f35ca1de11930209fc970a8e9c04f018ee9ae51c0fac7
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.jurnas.com Open in urlscan Pro 2606:4700:3036::ac43:8a96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

99 %HTTPS

68 %IPv6

25 Domains

39 Subdomains

37 IPs

7 Countries

3766 kBTransfer

7985 kBSize

11 Cookies

3 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.jurnas.com Open in urlscan Pro
2606:4700:3036::ac43:8a96 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

99 %
HTTPS

68 %
IPv6

25
Domains

39
Subdomains

37
IPs

7
Countries

3766 kB
Transfer

7985 kB
Size

11
Cookies

139 HTTP transactions
5 data transactions