www.moneydj.com Open in urlscan Pro
210.66.210.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Submission: On March 23 via api (March 23rd 2021, 1:27:19 am UTC) from SG

Summary HTTP 612 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 72 IPs in 10 countries across 45 domains to perform 612 HTTP transactions. The main IP is 210.66.210.14, located in Taichung, Taiwan and belongs to SEEDNET Digital United Inc., TW. The main domain is www.moneydj.com.
TLS certificate: Issued by TWCA Secure SSL Certification Authority on March 2nd 2020. Valid for: 2 years.

This is the only time www.moneydj.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
149	210.66.210.14 210.66.210.14	4780 (SEEDNET D...) (SEEDNET Digital United Inc.)
18	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 3	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
1 1	172.104.64.149 172.104.64.149	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	95.101.178.219 95.101.178.219	16625 (AKAMAI-AS) (AKAMAI-AS)
28	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.155.36 13.226.155.36	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
1 3	184.25.115.49 184.25.115.49	16625 (AKAMAI-AS) (AKAMAI-AS)
2 26	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.226.155.67 13.226.155.67	16509 (AMAZON-02) (AMAZON-02)
73	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3 8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
61	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	13.32.21.111 13.32.21.111	16509 (AMAZON-02) (AMAZON-02)
5	192.229.233.139 192.229.233.139	15133 (EDGECAST) (EDGECAST)
1	149.129.240.178 149.129.240.178	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
4 8	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
12	2606:4700:20:... 2606:4700:20::681a:567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
10	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	3.229.28.141 3.229.28.141	14618 (AMAZON-AES) (AMAZON-AES)
13	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
9	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
6	119.63.198.172 119.63.198.172	38627 (BAIDUJP B...) (BAIDUJP Baidu)
6	119.63.198.180 119.63.198.180	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2	34.95.67.231 34.95.67.231	15169 (GOOGLE) (GOOGLE)
15	61.221.82.13 61.221.82.13	3462 (HINET Dat...) (HINET Data Communication Business Group)
4 8	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:e000:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6	3.113.254.193 3.113.254.193	16509 (AMAZON-02) (AMAZON-02)
6	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
3 11	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	34.96.118.241 34.96.118.241	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	3.114.172.73 3.114.172.73	16509 (AMAZON-02) (AMAZON-02)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.149.211.134 54.149.211.134	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:73b:46ad:270f:ab37	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
3	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
2	13.226.155.106 13.226.155.106	16509 (AMAZON-02) (AMAZON-02)
1	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
2	63.35.73.190 63.35.73.190	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2013	15169 (GOOGLE) (GOOGLE)
612	72

149 210.66.210.14 (Taichung, Taiwan)

ASN4780 (SEEDNET Digital United Inc., TW)
PTR: h14-210-66-210.seed.net.tw

www.moneydj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.119.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com

apn.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.64.149 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1674-149.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.178.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-178-219.deploy.static.akamaitechnologies.com

cdn.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-36.dus51.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.25.115.49 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-49.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6ef3adf48945da9d38685059fefba4a5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-67.dus51.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
82b6c065a3211eefc7d2b0e048c2ac68.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6719f1d8879a49df4718784be35d45f9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.21.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-111.fra56.r.cloudfront.net

adx.doublemax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.229.233.139 (Torrance, United States)

ASN15133 (EDGECAST, US)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.129.240.178 (Jakarta, Indonesia)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

as.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 162.210.196.208 (Hyattsville, United States) 4 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.96.200.41 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.229.28.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 119.63.198.172 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 119.63.198.180 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

imageaws.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.67.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 61.221.82.13 (Tainan City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

banner-cfnetwork.cdn.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.201.76.93 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:e000:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.113.254.193 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

06d947f1240b16d180ec63c4e9605136.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.118.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)

proxy-bid.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.114.172.73 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)

ccm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.211.134 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-211-134.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.246 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:73b:46ad:270f:ab37 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.155.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-106.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.29.72.47 (Leeds, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.73.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-73-190.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
149	moneydj.com www.moneydj.com	607 KB
143	googlesyndication.com 4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 06d947f1240b16d180ec63c4e9605136.safeframe.googlesyndication.com 82b6c065a3211eefc7d2b0e048c2ac68.safeframe.googlesyndication.com 6719f1d8879a49df4718784be35d45f9.safeframe.googlesyndication.com 6ef3adf48945da9d38685059fefba4a5.safeframe.googlesyndication.com	2 MB
59	doubleclick.net 5 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	740 KB
40	popin.cc api.popin.cc tw.popin.cc log.popin.cc r.popin.cc inrecsys.popin.cc imageaws.popin.cc	270 KB
38	holmesmind.com 4 redirects cdn.holmesmind.com fcm.holmesmind.com c.holmesmind.com adcdn.holmesmind.com ad.holmesmind.com proxy-bid.holmesmind.com ccm.holmesmind.com m.holmesmind.com	29 KB
28	google.com 3 redirects apis.google.com adservice.google.com www.google.com	82 KB
18	googletagservices.com www.googletagservices.com	569 KB
16	aralego.com 4 redirects ads.aralego.com sync.aralego.com agent.aralego.com	8 KB
15	hinet.net banner-cfnetwork.cdn.hinet.net	23 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	386 KB
12	aralego.net cdn.aralego.net	160 KB
11	facebook.com www.facebook.com	279 KB
10	google.de adservice.google.de www.google.de	2 KB
6	criteo.com gum.criteo.com bidder.criteo.com	888 B
6	criteo.net static.criteo.net	75 KB
4	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	105 KB
4	webgains.com track.webgains.com diapi.webgains.com	98 KB
4	google.pl adservice.google.pl	1 KB
4	googleadservices.com partner.googleadservices.com	1 KB
4	facebook.net connect.facebook.net	153 KB
4	appier.net 2 redirects apn.c.appier.net gocm.c.appier.net adx.c.appier.net ad2.apx.appier.net Failed	1 KB
3	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net ad4mat.net	5 KB
3	quantserve.com cms.quantserve.com	1 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	40 KB
3	treasuredata.com in.treasuredata.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	m-t.io w-it.m-t.io	280 B
2	awin1.com www.awin1.com	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	761 B
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	doublemax.net adx.doublemax.net	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	innovid.com ag.innovid.com	295 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	creativecdn.com prebid-asia.creativecdn.com	179 B
1	googleapis.com fonts.googleapis.com	603 B
1	2mdn.net s0.2mdn.net	48 KB
1	innity.com as.innity.com	599 B
1	alexametrics.com certify.alexametrics.com	552 B
1	mxpnl.com cdn.mxpnl.com	25 KB
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	5 KB
1	googletagmanager.com www.googletagmanager.com	46 KB
1	innity.net cdn.innity.net	4 KB
612	45

	Domain	Requested by
149	www.moneydj.com	www.moneydj.com www.googletagmanager.com
74	tpc.googlesyndication.com	securepubads.g.doubleclick.net 4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.moneydj.com
63	pagead2.googlesyndication.com	4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com www.moneydj.com securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net agent.aralego.com cdn.aralego.net adx.doublemax.net
28	securepubads.g.doubleclick.net	www.moneydj.com www.googletagservices.com securepubads.g.doubleclick.net 4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com cdn.aralego.net
19	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
18	www.googletagservices.com	www.moneydj.com securepubads.g.doubleclick.net 4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
15	banner-cfnetwork.cdn.hinet.net	cdn.holmesmind.com www.moneydj.com
13	log.popin.cc	www.moneydj.com
13	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
12	cdn.aralego.net	adx.doublemax.net ads.aralego.com agent.aralego.com
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net adx.doublemax.net
11	www.facebook.com	www.moneydj.com connect.facebook.net www.facebook.com
11	www.google.com	3 redirects www.moneydj.com securepubads.g.doubleclick.net apis.google.com googleads.g.doubleclick.net
10	cdn.holmesmind.com	ads.aralego.com cdn.holmesmind.com ad.holmesmind.com
9	r.popin.cc	www.moneydj.com
9	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	c.holmesmind.com	4 redirects adx.doublemax.net cdn.holmesmind.com
8	sync.aralego.com	ads.aralego.com www.moneydj.com agent.aralego.com
6	assets.ad4m.at	as.ad4m.at
6	ccm.holmesmind.com	adx.doublemax.net
6	static.criteo.net	cdn.holmesmind.com adx.doublemax.net
6	ad.holmesmind.com	cdn.holmesmind.com adx.doublemax.net
6	imageaws.popin.cc	www.moneydj.com
6	inrecsys.popin.cc	www.moneydj.com
6	ads.aralego.com	2 redirects ads.aralego.com agent.aralego.com
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
5	api.popin.cc	www.moneydj.com api.popin.cc
4	bidder.criteo.com	static.criteo.net
4	adservice.google.pl	securepubads.g.doubleclick.net
4	partner.googleadservices.com	pagead2.googlesyndication.com
4	connect.facebook.net	www.moneydj.com connect.facebook.net
4	apis.google.com	www.moneydj.com apis.google.com
3	track.webgains.com	as.ad4m.at analytics.webgains.io
3	cms.quantserve.com	googleads.g.doubleclick.net
3	in.treasuredata.com	api.popin.cc
3	sb.scorecardresearch.com	1 redirects www.moneydj.com www.googletagmanager.com
2	w-it.m-t.io	analytics-wg.webgains.io
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	as.ad4m.at
2	as.ad4m.at	ad4m.at as.ad4m.at
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	m.holmesmind.com	cdn.holmesmind.com
2	agent.aralego.com	2 redirects
2	proxy-bid.holmesmind.com	banner-cfnetwork.cdn.hinet.net
2	gum.criteo.com	static.criteo.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	adcdn.holmesmind.com	cdn.holmesmind.com
2	fcm.holmesmind.com	cdn.holmesmind.com
2	adx.doublemax.net	pagead2.googlesyndication.com
2	4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adx.c.appier.net	www.moneydj.com apn.c.appier.net
1	analytics-wg.webgains.io	analytics.webgains.io
1	diapi.webgains.com	track.webgains.com
1	analytics.webgains.io	track.webgains.com
1	6ef3adf48945da9d38685059fefba4a5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ad4mat.net	ad4m.at
1	static-de.ad4mat.net	ad4m.at
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	6719f1d8879a49df4718784be35d45f9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	prebid-asia.creativecdn.com	banner-cfnetwork.cdn.hinet.net
1	82b6c065a3211eefc7d2b0e048c2ac68.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	06d947f1240b16d180ec63c4e9605136.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	tw.popin.cc	api.popin.cc
1	as.innity.com	cdn.innity.net
1	certify.alexametrics.com	www.moneydj.com
1	www.google.de	www.moneydj.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.mxpnl.com	www.moneydj.com
1	d31qbv1cthcecs.cloudfront.net	www.moneydj.com
1	www.googletagmanager.com	www.moneydj.com
1	cdn.innity.net	www.moneydj.com
1	gocm.c.appier.net	1 redirects
1	apn.c.appier.net	1 redirects
0	ad2.apx.appier.net Failed	banner-cfnetwork.cdn.hinet.net
612	83

This site contains links to these domains. Also see Links.

Domain
money.moneydj.com
tv.moneydj.com
www.xq.com.tw
traffic.popin.cc
a.popin.cc
www.facebook.com
www.plurk.com
twitter.com
m.moneydj.com

Subject Issuer	Validity	Valid
*.moneydj.com TWCA Secure SSL Certification Authority	`2020-03-02` - `2022-04-17`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.c.appier.net R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.innity.net DigiCert Secure Site ECC CA-1	`2020-04-10` - `2021-07-10`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.doublemax.net Go Daddy Secure Certificate Authority - G2	`2020-04-24` - `2021-06-24`	a year	crt.sh
api.popin.cc DigiCert SHA2 Secure Server CA	`2020-05-05` - `2022-07-14`	2 years	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-11` - `2021-12-12`	a year	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2020-11-12` - `2021-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
1923398352.rsc.cdn77.org R3	`2021-02-25` - `2021-05-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.treasuredata.com Amazon	`2020-10-16` - `2021-11-15`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.cdn.hinet.net	`2019-05-10` - `2021-08-11`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.google.pl GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2021-06-08`	2 years	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D2	`2021-02-10` - `2021-05-11`	3 months	crt.sh

This page contains 65 frames:

Primary Page: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Frame ID: 0319F5F5D881ECC014712A781C526737
Requests: 222 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9XAtdcLyPE5Qt8erGWu23ImfPZ4-X89MwF1shTulJXK13fnDcDGSxmY8focu3qunHTEHFUgC2Og9Gv2Y4SkgJHHGHOqykxpbNK7DzuBnEF9NWOJs4L-NA-yeMymt-E2i4MV5hTvmNPZNlRswl1odUYhBDWxMjkiQTUkoRaG1frUGdz5UpErEghDhPFJu4-vJ3UKO2FQ96aVzUrqAB6tqTQ19z7v6ofenaHgIrWJ2hCBOmiYq1aYLUOslgdnlRstVgnSFGibNCvGS9Cf4YiMaX4o3nQu8j73oeUTPsDvkXPvVfR9CxO-llP41mKQ&sai=AMfl-YS59-i9MkE4ron3cmsuFhYfocZ9mDG7SX38o69ymAEhVDapAe16TYtpCZGcUh_RcAZUBzCU8W0uW53xymHxXoAJfPMRCDardOmZ0lGqyaznngFiK0P7yQqqjjum-s8&sig=Cg0ArKJSzEYAtBOIOJGQEAE&adurl=
Frame ID: 9CCBFF626099F673E792D4247DB65A92
Requests: 8 HTTP requests in this frame

Frame: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Frame ID: B1EFDAFC9EEE311BCF3341B158F41AA0
Requests: 16 HTTP requests in this frame

Frame: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 874FD68D2ABD51C6969AB17D0ED1871B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/zrt_lookup.html
Frame ID: 9CEFE64B72AA23E8E5E0FF3589DBD8E3
Requests: 1 HTTP requests in this frame

Frame: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Frame ID: D89B8DCDEEDB930577ABF94D93625F43
Requests: 6 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Frame ID: F7F9520EDEDF21E3B5ABAA6730C4609F
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Frame ID: F18FE2FD93508E9FD44B7F9AD34B26D5
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24139bd905fb04%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
Frame ID: CB6AF7CC864BD27D3A750098FBB90871
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80e2dd1f2b73c%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
Frame ID: BDFD22392A47FC2E35F25A5FB02289F6
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhyot0z2bcCJqKPLMGIasuED11BqGnmNbHLbxU37Lp2TxFcoMBbEzQXkjh4RcCAnfZVvPk6rdBPuwQ0VOXzueMcUw7ZnifUxi8ZLHrHCB6i1XlV35vl-MOVWb1G9q2H7ors7QZShh2p41Ccw-0oXSQW6x4CFJm92_Lm_6eZqW4bnWl48E7hiymD4Hng_YXS4GF8lxY1EDN34VI7DvcH1X45SbyYdU27YNn7HuwMNxL0-bXkoPjPt2-SAaFwe1SBpwm2W1KvY7cvCdJFcDBafY8BBO1_zvj0ocAfoksD5vQjuT3HM-K5-aC889dW0eUGH5Z&sig=Cg0ArKJSzLTR8YT7PHikEAE&urlfix=1&adurl=
Frame ID: 7B2A8B77CA5AF690DF006B8C4C2A45C7
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D70156C8391D0D232437F83873D4490D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: C151B47EE892740D153525D0CA07CAB9
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5mW7wXThQm3IEU9Yn8fW40OIndtooohkjU2OMOdV5ksvZ02JwqSbe4iw37dFQKERd14LF2dKMQUDdY40eCK_VFycL00L8fL1vcoKZmmBAD9pGzS_fZBH82ynDllb_3U3Ofl30pviJKbgP8dCHJdgKzMc-XWa5uAEpqwsqiDHZhVrvSRYPMkaIQRb_uSu0-NWBN7UILCDTUta_30U8wv4kq_moSelyty9hjsNXgLzSbEZpRaJysV_FRdWBPu4ZofosQAnCYsVut0zOEoLMxVA0jPTJoF41l_rIYG4rHrK0ZPuyD-v1uetaVis&sig=Cg0ArKJSzMtZVGAs7ODnEAE&urlfix=1&adurl=
Frame ID: AD4E170116A706DC0CE79F2BE6E2CF21
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1616462811&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&flash=0&wgl=1&dt=1616462811638&bpp=12&bdt=8063&idt=230&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=20&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44738185%2C44739387&oid=3&pvsid=77596448530770&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=alKM76QYJy&p=https%3A//www.moneydj.com&dtd=260
Frame ID: 0E98631E62DF5F2496EDB0E7BD3893E2
Requests: 13 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: 7EEF87C6F2AEE79E7A3BDF91ED66489C
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNBAJv1mWMWQPfld-o8jXUCsqXisCzCZ_cEtb9bYNCl4gCss0hESopl8eiFuwCDHtps86QAM1pel2mlQCAJYeDvzAZuCLOAJ0Y6ikif-JQGHNq9UpU9CYK6wKUIbRZ2fy7sEkmUkfb9N4mI6nYza5YZJNDHWkSapqmg6cI8A8qqQjgu3u5Uil-46BcU_2OYAboduY2GUNuyG0HgW_Ug-NTsY77EI-Th0d4wYdfh6ULPB0G46fZr9mHbWBSyoqOUiOvzSvzJScfhcySuSOLbD6ovMt43YMLPdZ_JJXM2MzdW2wWpdCvrCwciw&sig=Cg0ArKJSzOuBRKNQkCZcEAE&urlfix=1&adurl=
Frame ID: 1FA6772520A4B9F4E801B20C270397FC
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&adk=1812271804&adf=3025194257&lmt=1616462812&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&pra=7&wgl=1&dt=1616462811650&bpp=2&bdt=8075&idt=345&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&prev_fmts=300x250&nras=1&correlator=8746931251737&frm=20&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44738185%2C44739387&oid=3&pvsid=77596448530770&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&dtd=368
Frame ID: 873FE732E78B12CA721EFF6E424933E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=7595289909%2F10623&adk=994438583&adf=816031646&pi=t.ma~as.7595289909%2F10623&w=300&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462811677&bpp=6&bdt=97&idt=523&shv=r20210318&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=23&ife=4&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462812&ga_hid=247836539&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=924&biw=1600&bih=1200&isw=300&ish=250&ifk=1566393387&scr_x=0&scr_y=0&eid=44737564%2C44737458%2C44739387&oid=3&pvsid=1387260170119057&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8zd4kv61zvd9&fsb=1&dtd=546
Frame ID: 9FC88ACC5525BD31F5AA384C72CA8A0A
Requests: 8 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: C1C8E22FFCC2EB2832B8570F4A163316
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 95C7D561221D9AC2C5786A6BD8D7A36F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 057715FED571C1CEC11823F217DF954C
Requests: 18 HTTP requests in this frame

Frame: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Frame ID: C29B0A34E7F5F97B6569D80DD0F06CE1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186319&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462812619&bpp=7&bdt=650&idt=494&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D1905dfc4667fa077-2249ac3e2ea7009a%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MahBPhDSo7VQ6H_CHpG5BP-DeeDSQ&correlator=8746931251737&frm=23&ife=4&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462813&ga_hid=1666568346&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1999&biw=1600&bih=1200&isw=728&ish=90&ifk=1145043360&scr_x=0&scr_y=0&eid=21068084%2C31060352%2C44737458%2C44739387&oid=3&pvsid=1098576869987498&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fxzicto512sb&btvi=1&fsb=1&dtd=533
Frame ID: BC3365025FE8F3A563BB4B927A4001A6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html
Frame ID: A98EB47DFAC5DB68604690A9E57017D9
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AFA5C281A259DB62ADB578813174D838
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E9C6002BDE7E0386B7161AF732AC27F2
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.moneydj.com
Frame ID: EB8B351A87EAA82FBFBB5F3CC3E1B20E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html
Frame ID: 1812968BD9A56906158D072FF5F3B243
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 2C17ED657B16F555555EE3868DCCBF6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 03033D67E5D39A1B52851BFC3BFCAE1C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: AC999A7187FCA50E887A0BB47EAB961B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 58B6CE61D256F1F6BF065692CDD69E17
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 61122E88E222FAD949D821C47F0A60AB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 80C386FC7B08C994B360B0610C0E5370
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: 5D6558C58C5808397697E00AC877B96C
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: B5C61C4549D320EF6445655253913516
Requests: 4 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 37D90C60A616C612882791466AABF759
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: A42432C3F6451E22F02CE87E1FF5B329
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 8FBC190B0BD243933983B26BBB65F53D
Requests: 22 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.moneydj.com
Frame ID: 41C822EFE5AD1FBF8C0E7A981ADABED0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 681C8CC5308CF9AB8E69AAA961D68651
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: D57EB796DF91D534580AB7D6DC9D9792
Requests: 5 HTTP requests in this frame

Frame: https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:729c6721234a1a0879a2fe5288fdd7b5:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5&ce=1&google_gid=CAESEM8pqfzjyaET91uAnFUwiZ0&google_cver=1
Frame ID: 9DA01896203A3E930A6AC5A42A8165D5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 75E05D3468CF51B284839C4887583D74
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 2BF5083D94FDDF6A27F38F83851506C3
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: 900E297803FB9CB20186CC698FDF2909
Requests: 12 HTTP requests in this frame

Frame: https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:80799c306e788b1eb848c11f55d4adf8:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1&google_gid=CAESEM8pqfzjyaET91uAnFUwiZ0&google_cver=1
Frame ID: B0DA67E7A835BF188A5473C9ED9EE9CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&dt=1616462817024&bpp=3&bdt=642&idt=54&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=2379781003120&frm=8&ife=1&pv=2&ga_vid=956878150.1616462817&ga_sid=1616462817&ga_hid=1516031963&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3060516726&scr_x=-12245933&scr_y=-12245933&eid=44735932%2C21068084%2C44738185%2C44739387&oid=3&pvsid=2995749573179048&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mtklmd9i0ktr&fsb=1&dtd=77
Frame ID: 0C3ABD10A82BAF4B875418734B4B0584
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: BDBEF390DD3892262441C473A6A75499
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1gankw8srq16c4q9pqc7gtfnwhe819shts9nvhzcmehhydhge5aw4xzhpjyz0h0btq48c5es18x69a7afjy6xvebe68xj1gh9z1mhn0kbbjjyfydedqmvf97rg7s6wyv740b2m71wn0qt8cfax9yta77q2p9wa9v26m7x4ds9r1mvjy6x1msa8mwrn4kfjzcaht30ew0fqnppghz68k99k7r20dm6dbwsekqqzjpw89rjn904aqhadxqv9584cft3tfcwqcb443fhycbt84wh3m0wdpxgh6qh1emth38xw0maz69f0gawa4zzf2zp08pa2dpwhv222dn4kyjsb3zv2j55r402ghxv0krsc1kmjb0tj25da4p1nrnwq8ej&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%26client%3Dca-pub-4126554779393986%26adurl%3D
Frame ID: 7121E6A7E561923CB2B9DB795C95730D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 366515680B5E5F256FA8F349CE62ABFA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E3A74111B61E758D2A6C580F83EAA2DA
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5BF11E6F7B8C76AD36205B8B82016D64
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: E13E81C7AEC8D5C7E1BC3AF6DBEFA9D5
Requests: 11 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: C3A1BD05EC277FB891EA9E309FE546F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: A07CCE2AFF84841D8F008FD5981E965C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142528&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&dt=1616462818119&bpp=3&bdt=748&idt=129&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=5252129071569&frm=8&ife=1&pv=2&ga_vid=229556015.1616462818&ga_sid=1616462818&ga_hid=918903374&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=272060318&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C44737458%2C44739387&oid=3&pvsid=1167218669310016&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kd4x0selp6tb&fsb=1&dtd=195
Frame ID: DE7E8615D870F2A72E037617AD43F05A
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6FD29FEC3B62F74D077B7A1C8311E3D4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F1641F9E4C3E44E6982CC4897989E796
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 45030B2BC57DF9074486FC627E5E2CCD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A6A563643CF4B9E7FCB52228A4AA8FBE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 9692AB4A9A00F4FE4C48C3F23113628E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
Frame ID: E2112B0AAA1E99B456EF88FBF4F7486F
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2A668ABE11A57DF90BC4A6E806A8E4C7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Page Statistics

612
Requests

98 %
HTTPS

48 %
IPv6

45
Domains

83
Subdomains

72
IPs

10
Countries

5375 kB
Transfer

13308 kB
Size

0
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://money.moneydj.com/us/
Title: 美股

Search URL Search Domain Scan URL

URL: https://tv.moneydj.com/tv/
Title: 財經台

Search URL Search Domain Scan URL

URL: https://www.xq.com.tw/daqSite/
Title: XQ

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Da7b73e65-55ba-46f3-9382-40ac27a36775

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D3bf4eae4-58c8-4122-96f1-25f40c5652ca

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Ftaiwan.pure-beauty.life%2Farchives%2F4408%3Ftripid%3D03b2eb259c1a84e22882ffc2d2f78fd9%26popintoken%3D03b2eb259c1a84e22882ffc2d2f78fd9&data=eyJjdmlkIjoic2Vub2JpcnVfdHciLCJjIjoiNC4wIiwidHoiOiJ0dyIsImYiOiIyIiwibmlkIjoiNjA0ZjMwMGVmNjg2YjYyNzNmMTUxMTM4IiwiY2FtcGFpZ24iOiI2MDRmMmU0MWY2ODZiNjNjMjIxZGMyMDQiLCJtZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsImNhdGVnb3J5IjoiYnVzaW5lc3MiLCJtIjoiMjY5NDEwNDYiLCJkZXZpY2UiOiJwYyJ9&token=03b2eb259c1a84e22882ffc2d2f78fd9&t=1616462811247&uid=fc91dfae22106e881a21616459210076&api_host=tw.popin.cc&logid=be8d6cda-c87c-4c94-b453-772626d2f733&extra=m_ch_pc&mode=20170420&referer_type=organic&td_client_id=f65bb533-e086-4b55-a064-a913592ea73b

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3De5b33b77-3616-4ac6-901c-8668cb64b33c

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D3bf62d12-abfd-4267-9501-0eedf06ab996

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fdangdangskin.com%2Farchives%2F5552%3Ftripid%3Deba7091199f78a4edc4a3fd1112f0c31%26popintoken%3Deba7091199f78a4edc4a3fd1112f0c31&data=eyJjdmlkIjoiRmluamlhLXMiLCJjIjoiMy4yIiwidHoiOiJ0dyIsImYiOiIyIiwibmlkIjoiNWY5MTNhMmRmNjg2YjYzM2U2MTQ4M2M1IiwiY2FtcGFpZ24iOiI1ZDlhYTAxY2Y2ODZiNjNlNGM2NWRhZTQiLCJtZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsImNhdGVnb3J5IjoiYnVzaW5lc3MiLCJtIjoiMjY5NDEwNDYiLCJkZXZpY2UiOiJwYyJ9&token=eba7091199f78a4edc4a3fd1112f0c31&t=1616462811247&uid=fc91dfae22106e881a21616459210076&api_host=tw.popin.cc&logid=be8d6cda-c87c-4c94-b453-772626d2f733&extra=m_ch_pc&mode=20170420&referer_type=organic&td_client_id=f65bb533-e086-4b55-a064-a913592ea73b

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D89465d2d-ec50-4cfb-bfbb-45c4aaeed67f

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fgo.wulatrk.com%2Fdd7968c8-8653-4273-9779-82f868dd980e%3Fcreative_id%3Dm8%26tripid%3Df28575e7bf9fdd59365ba3c0b4ab34c1%26popintoken%3Df28575e7bf9fdd59365ba3c0b4ab34c1&data=eyJjdmlkIjoiQ3J5cHRvIiwiYyI6IjMuMCIsInR6IjoidHciLCJmIjoiMiIsIm5pZCI6IjYwMTUyYzMzZjY4NmI2MTFmODY3ZDhjNCIsImNhbXBhaWduIjoiNjAxNTE5NzRmNjg2YjYzYzA1MWEyNjQ0IiwibWVkaWEiOiJ3d3cubW9uZXlkai5jb20iLCJjYXRlZ29yeSI6ImJ1c2luZXNzIiwibSI6IjI2OTQxMDQ2IiwiZGV2aWNlIjoicGMifQ==&token=f28575e7bf9fdd59365ba3c0b4ab34c1&t=1616462811247&uid=fc91dfae22106e881a21616459210076&api_host=tw.popin.cc&logid=be8d6cda-c87c-4c94-b453-772626d2f733&extra=m_ch_pc&mode=20170420&referer_type=organic&td_client_id=f65bb533-e086-4b55-a064-a913592ea73b

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fmomo-selection.me%2F%3Fp%3D2776%26tripid%3Db02a3b40b823d2f035472c14d22462e8%26popintoken%3Db02a3b40b823d2f035472c14d22462e8&data=eyJjdmlkIjoiZG91Y2UuZnVuIiwiYyI6IjMuNSIsInR6IjoidHciLCJmIjoiMiIsIm5pZCI6IjVmNTFmYWQ4MGZjMTBjN2IxNzQ3YmE4NSIsImNhbXBhaWduIjoiNWY1MWZhOWEwZmMxMGM3YjE3NDdiYTQ0IiwibWVkaWEiOiJ3d3cubW9uZXlkai5jb20iLCJjYXRlZ29yeSI6ImJ1c2luZXNzIiwibSI6IjI2OTQxMDQ2IiwiZGV2aWNlIjoicGMifQ==&token=b02a3b40b823d2f035472c14d22462e8&t=1616462811247&uid=fc91dfae22106e881a21616459210076&api_host=tw.popin.cc&logid=be8d6cda-c87c-4c94-b453-772626d2f733&extra=m_ch_pc&mode=20170420&referer_type=organic&td_client_id=f65bb533-e086-4b55-a064-a913592ea73b

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&t=%e4%ba%ac%e5%9f%8e%e9%8a%80%e9%81%95%e5%8f%8d%e4%bf%9d%e9%9a%aa%e6%b3%95%ef%bc%8c%e9%81%ad%e8%99%95%e7%bd%b0%e9%8d%b0180%e8%90%ac%e5%85%83
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.plurk.com/?qualifier=shares&status=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26%20(%e4%ba%ac%e5%9f%8e%e9%8a%80%e9%81%95%e5%8f%8d%e4%bf%9d%e9%9a%aa%e6%b3%95%ef%bc%8c%e9%81%ad%e8%99%95%e7%bd%b0%e9%8d%b0180%e8%90%ac%e5%85%83)
Title: Plurk

Search URL Search Domain Scan URL

URL: http://twitter.com/home/?status=%e4%ba%ac%e5%9f%8e%e9%8a%80%e9%81%95%e5%8f%8d%e4%bf%9d%e9%9a%aa%e6%b3%95%ef%bc%8c%e9%81%ad%e8%99%95%e7%bd%b0%e9%8d%b0180%e8%90%ac%e5%85%83%20https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26
Title: Twitter

Search URL Search Domain Scan URL

URL: https://m.moneydj.com/
Title: 手機版

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/basic/basic0001/JNJ
Title: 基本資料

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/basic/basic0002/JNJ
Title: 行情報價

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/basic/basic0004/JNJ
Title: 基本分析

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/rank/rank0001
Title: 漲幅排行

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/rank/rank0002
Title: 跌幅排行

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/rank/rank0007
Title: 超買排行

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/rank/rank0008
Title: 超賣排行

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/rank/rank0009
Title: 成交量排行

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/rank/rank0028
Title: 點擊排行

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/rank/rank0030
Title: 查詢次數排行

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/tool/tool0001
Title: ADR套利

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/tool/tool0003
Title: 選股工具

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/tool/tool0011
Title: 行事曆

Search URL Search Domain Scan URL

URL: https://money.moneydj.com/us/tool/tool0012
Title: 各類股績效表現

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Hhc9Br-U HTTP 307
https://gocm.c.appier.net/apnnet?url=adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js&&haid=Hhc9Br-U HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=HNZxfTvxAzmOQSos1ENZYA&haid=Hhc9Br-U

Request Chain 106

https://sb.scorecardresearch.com/b?c1=2&c2=33501131&ns__t=1616462807857&ns_c=UTF-8&c8=%E4%BA%AC%E5%9F%8E%E9%8A%80%E9%81%95%E5%8F%8D%E4%BF%9D%E9%9A%AA%E6%B3%95%EF%BC%8C%E9%81%AD%E8%99%95%E7%BD%B0%E9%8D%B0180%E8%90%AC%E5%85%83%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&c7=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=33501131&ns__t=1616462807857&ns_c=UTF-8&c8=%E4%BA%AC%E5%9F%8E%E9%8A%80%E9%81%95%E5%8F%8D%E4%BF%9D%E9%9A%AA%E6%B3%95%EF%BC%8C%E9%81%AD%E8%99%95%E7%BD%B0%E9%8D%B0180%E8%90%AC%E5%85%83%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&c7=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&c9=&cs_ak_ss=1

Request Chain 168

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=600&slotname=7595289909%2F10846&adk=1326293989&adf=816031632&pi=t.ma~as.7595289909%2F10846&w=160&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&dt=1616462809497&bpp=61&bdt=244&idt=187&shv=r20210318&cbv=r20190131&ptt=5&saldr=sa&correlator=6022593572828&frm=24&ife=3&pv=2&ga_vid=171494255.1616462810&ga_sid=1616462810&ga_hid=1541989488&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=779919225&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060288%2C44738185%2C44739387&oid=3&pvsid=3014727783491532&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=1.6lzvs1gtr0w9&fsb=1&dtd=235 HTTP 302
https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html

Request Chain 177

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 287

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 298

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=600&slotname=7595289909%2F10624&adk=5587611&adf=272530243&pi=t.ma~as.7595289909%2F10624&w=300&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462812180&bpp=12&bdt=399&idt=479&shv=r20210318&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D1905dfc4667fa077-22069ef527a700a6%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MYrNJjpQaaHJvsIbtVXCrLqh_EIHw&correlator=8746931251737&frm=23&ife=4&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462813&ga_hid=770108176&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=1413&biw=1600&bih=1200&isw=300&ish=600&ifk=1311452349&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44735932%2C44738185%2C44739387&oid=3&pvsid=1674222943023338&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.l8l20e92x3og&btvi=1&fsb=1&dtd=534 HTTP 302
https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html

Request Chain 310

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 367

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 375

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 399

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 446

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 450

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 473

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 479

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&info=10846:9281:24506:729c6721234a1a0879a2fe5288fdd7b5:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5&ce=1 HTTP 302
https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:729c6721234a1a0879a2fe5288fdd7b5:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5&ce=1&google_gid=CAESEM8pqfzjyaET91uAnFUwiZ0&google_cver=1

Request Chain 491

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 496

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&info=10624:9280:24505:80799c306e788b1eb848c11f55d4adf8:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1 HTTP 302
https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:80799c306e788b1eb848c11f55d4adf8:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1&google_gid=CAESEM8pqfzjyaET91uAnFUwiZ0&google_cver=1

Request Chain 532

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJILPbyVteFe404OMgwPfqN5iP7vCPoZ6giILGtTwJC1TIb1TBTl4ZIjfytcdO7Utafvhhl4cS8hn5GtrHlN6Hf1zUymf_U&google_gid=CAESEDM0ofZUA4-swEsORx_37mY&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJILPbyVteFe404OMgwPfqN5iP7vCPoZ6giILGtTwJC1TIb1TBTl4ZIjfytcdO7Utafvhhl4cS8hn5GtrHlN6Hf1zUymf_U&google_gid=CAESEDM0ofZUA4-swEsORx_37mY&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjMwMTI2NTg3NDE1NzYxNTgxMTg2MQ%3D%3D&google_push=AQvitUJILPbyVteFe404OMgwPfqN5iP7vCPoZ6giILGtTwJC1TIb1TBTl4ZIjfytcdO7Utafvhhl4cS8hn5GtrHlN6Hf1zUymf_U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjMwMTI2NTg3NDE1NzYxNTgxMTg2MQ%3D%3D&google_push=AQvitUJILPbyVteFe404OMgwPfqN5iP7vCPoZ6giILGtTwJC1TIb1TBTl4ZIjfytcdO7Utafvhhl4cS8hn5GtrHlN6Hf1zUymf_U&google_tc=

Request Chain 533

https://rtb.openx.net/sync/dds?google_gid=CAESEGkjjaZ8sLOmUPxrbezLRNE&google_cver=1&google_push=AQvitULjxCG2WR9WUICyunQbo0dWsgEKQ8nL5WIQcdNO5nu226Wd47kd5nvsDbM-UXrRtmPkhjAZ2xI2KByAONcZSwW5bEcy5Ha6 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEGkjjaZ8sLOmUPxrbezLRNE&google_cver=1&google_push=AQvitULjxCG2WR9WUICyunQbo0dWsgEKQ8nL5WIQcdNO5nu226Wd47kd5nvsDbM-UXrRtmPkhjAZ2xI2KByAONcZSwW5bEcy5Ha6&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULjxCG2WR9WUICyunQbo0dWsgEKQ8nL5WIQcdNO5nu226Wd47kd5nvsDbM-UXrRtmPkhjAZ2xI2KByAONcZSwW5bEcy5Ha6&google_hm=cY3sRxKKwxMGaq-VNMbAPA==

Request Chain 534

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAdC9OzQL7h1o0h6sYW537Y&google_cver=1&google_push=AQvitUJfExdPYReBvo3CFuWsNQWvtTSFNuOZMiMyGx4r9Ke9AL2moialsubTIAg9zjexWHTCfKBYAX5G4huZRfp-liPdiRuAtGc- HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAdC9OzQL7h1o0h6sYW537Y&google_cver=1&google_push=AQvitUJfExdPYReBvo3CFuWsNQWvtTSFNuOZMiMyGx4r9Ke9AL2moialsubTIAg9zjexWHTCfKBYAX5G4huZRfp-liPdiRuAtGc-&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3cueFsPjSA-SSZ52bpOGHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJfExdPYReBvo3CFuWsNQWvtTSFNuOZMiMyGx4r9Ke9AL2moialsubTIAg9zjexWHTCfKBYAX5G4huZRfp-liPdiRuAtGc-

Request Chain 535

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIOHRICgv8NcrKMvL96KzDo&google_cver=1&google_push=AQvitUJ5CnSkuOHIE5B_5Ch84sS4bB_ibyHRopJugYr9rv3i9iSRNj1Pc6FeiVRUVaqHiZwIAP9TpvUj2JWs41gLhRvTlsSpI6kD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MQzg0VDMtMUgtOEpVRg==&google_push=AQvitUJ5CnSkuOHIE5B_5Ch84sS4bB_ibyHRopJugYr9rv3i9iSRNj1Pc6FeiVRUVaqHiZwIAP9TpvUj2JWs41gLhRvTlsSpI6kD

Request Chain 536

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKLwZesu-e_5Suyd4hc2uEQ&google_cver=1&google_push=AQvitUIH6lNX7nMEmHhKEuNXH26o8JRZcj6J5RrRbtCcl-_lvpLpYbisKsVv5uFcpBGxFPbZEwY3lwpndfTEl808uUXV0bU4F6YO HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKLwZesu-e_5Suyd4hc2uEQ&google_cver=1&google_push=AQvitUIH6lNX7nMEmHhKEuNXH26o8JRZcj6J5RrRbtCcl-_lvpLpYbisKsVv5uFcpBGxFPbZEwY3lwpndfTEl808uUXV0bU4F6YO&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFlD4VXq6tQ5vlKf1tPm7gAABIAAAAAB&google_gid=CAESEKLwZesu-e_5Suyd4hc2uEQ&google_push=AQvitUIH6lNX7nMEmHhKEuNXH26o8JRZcj6J5RrRbtCcl-_lvpLpYbisKsVv5uFcpBGxFPbZEwY3lwpndfTEl808uUXV0bU4F6YO&google_cver=1

Request Chain 582

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

612 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set newsviewer.aspx Show response
www.moneydj.com/kmdj/news/ 74 KB
26 KB 1528ms
559ms Document
text/html 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: dcdb1511f464f43be7db140d12b276a1818fe7bb5058957ea269e04720d670ae

Request headers

Host: www.moneydj.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: djaid=1.13a279a4-3e4b-4008-888b-2948920e1c92.1616462803.1039206186.0.0.a15a8; domain=moneydj.com; expires=Thu, 23-Mar-2023 01:26:43 GMT; path=/ djaid=1.13a279a4-3e4b-4008-888b-2948920e1c92.1616462803.1039206186.0.0.a15a8; domain=moneydj.com; expires=Thu, 23-Mar-2023 01:26:43 GMT; path=/ memlog=cba29fbf-9f22-46ca-b027-bfe0a9ed2cb1; expires=Thu, 23-Sep-2021 01:26:43 GMT; path=/
Date: Tue, 23 Mar 2021 01:26:42 GMT
Content-Length: 25991

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 57 KB
19 KB 42ms
37ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d660da8b95850d124ee0837d7b29b2ae5a5faa9b154c57c9e080b464e8d2b266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 537 of 1000 / last-modified: 1616450900"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19749
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:43 GMT

GET
H2

200

pb.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Hhc9Br-U
https://gocm.c.appier.net/apnnet?url=adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js&&haid=Hhc9Br-U
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=HNZxfTvxAzmOQSos1ENZYA&haid=Hhc9Br-U

398 B
388 B

336ms
326ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=HNZxfTvxAzmOQSos1ENZYA&haid=Hhc9Br-U
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: b8b38e753079ac4a8a64eb3d7b85ddb880bf389c180b505a2d8107cc141a22c8

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:45 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
vary: Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=HNZxfTvxAzmOQSos1ENZYA&haid=Hhc9Br-U
date: Tue, 23 Mar 2021 01:26:44 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 118
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 72 KB
25 KB 269ms
265ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 57d0627e1aae9f74ebe4f63ab1eef5aba18b768ded1ffdc9073f882a7966d38d

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:42 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:43 GMT
Cache-Control: public
Content-Length: 25204
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 3 KB
1 KB 1510ms
250ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=NYVDAJShncp1g/+fRXpEXIEXP4A=&t=/kmdj/js/jquery.ui.widget.min.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: af968225577f4253077638acb0a9f8becdddd22e1220cc18ad402fe77bab8a51

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:44 GMT
Cache-Control: public
Content-Length: 1331
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 3 KB
1 KB 1516ms
252ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=8GcG3iY+lEHvijKl1tzzvV1EKMc=&t=/kmdj/js/jquery.ui.position.min.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: b507e7b2bedbfde5243a084b804bddc4826f8417aa91787f4aee4d1d2f2401fe

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:44 GMT
Cache-Control: public
Content-Length: 1312
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 3 KB
1 KB 1544ms
255ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=MryRvFLqWZc+wnmte8XbRTa2lxc=&t=/kmdj/js/json2-min.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 49d6261225985a4f22a17dc8adc20e6385d26af45ed6ca9c847d31fbaa26259d

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:44 GMT
Cache-Control: public
Content-Length: 1321
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 3 KB
1 KB 1539ms
247ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=NMf0J55CZMWDOOGBDTv3RzyL3GE=&t=/kmdj/js/common.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 250f32725adf2a833d48acc424fe3708dbc5696eea167652f7e4d76c7159dcd1

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:44 GMT
Cache-Control: public
Content-Length: 1335
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 749 B
627 B 1745ms
250ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=Ex6usLMzUu14lDGPUV2ZC+ixtu0=&t=/kmdj/js/jquery.cookie.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 42e7f2776ebf7c6c73a377024b08dec8fc358251838587b12fa601c131b802bb

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 432
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 100 B
305 B 1746ms
247ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=p18yEbj7MwxwF7zoIFpTIXk03oM=&t=/kmdj/js/djchannel.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 54bcf08b9844662dfb48c7036931003dcbcf7d7fa349ac51b017423b78f0e5a0

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 110
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 558 B
568 B 1759ms
250ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=yMlGZSz4I/6Wk9Z10JMYxANLRtw=&t=/kmdj/js/replaceWithViewcount.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 57f3a43ca0b1ac17802723d243fc1d1d98aba942f552bfd3f32fd23d361b9690

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 373
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 1 KB
868 B 1784ms
268ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=ZeEeCXwvxjRzQFnpTQjSxPwTUOU=&t=/kmdj/js/UserLogin.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: fad9001ba06bc6c3b2f88382c76a06b95dbdb13c2e6360b5217a6f9a3b73d5c6

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 673
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 3 KB
1 KB 1786ms
248ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=XpkPamFgMek0CemnlynSwY+HEG8=&t=/kmdj/js/lgMsg.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 427e11d955882661532a89071884788f31a54cea94684063829a518410aca62f

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 1153
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 1001 B
678 B 1801ms
258ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=Qvu8EftZwgHCs0yFiftocKDh1YQ=&t=/kmdj/js/base64.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: bf093b5c9a429e67bd8773c582377500eb7bef4cd2393cd35fec84f762d34f2e

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 483
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 17 KB
7 KB 2013ms
269ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=Uz6MhUmT4NbNShdphIK6NG2pJdA=&t=/kmdj/js/gibberish-aes.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 585ab22137ac81dbfcc514aaea6f01028cc9413ae319a4c88d3aa535765c269b

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 7116
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 9 KB
4 KB 1994ms
249ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=LBV9GQ8JsM0UgKwPEF5JTxfczu8=&t=/kmdj/js/jsbn.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 7f7d7878c6c7e664cc9e002ea8cd6fae8b44a61ed6604567c8cc578cc4e32d0c

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 3394
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 550 B
467 B 2008ms
250ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=bVZcZRKIDw+vOhdbtnZR/4/r7GE=&t=/kmdj/js/prng4.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 10890767f8451d896ff77a8156ef0650a5a7f83304e086c8907f9f5c7331445a

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 272
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 1 KB
685 B 2038ms
255ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=OT738mQd1XOKB2Fix9KC4VfaOSk=&t=/kmdj/js/rng.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 774f520ae45df6655ffab3f2f3680a9bd32ffbd9283e4b32893e0d03a383e80a

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 490
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 1 KB
838 B 2036ms
251ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=mB8jYnvKMGwq+PspiaombAk5M/M=&t=/kmdj/js/rsa.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 086670ac835cb1d6bf72c32a0146baf54f11ba8fd5ef0a2eb77317d9139f5f59

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 643
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 9 KB
3 KB 2063ms
263ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=7y1pNAdI5NWkfAV2jJbkDFbpHf0=&t=/kmdj/js/jquery.blockUI.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 948b25f25c8c51f39f38aa13a377e3178b6402d8924deece0bdaab039e9ebe64

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 3285
Content-Type: text/javascript

GET
H/1.1 200
OK AutoComplete.css
www.moneydj.com/kmdj/App_Themes/Gold/ 759 B
643 B 517ms
246ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/AutoComplete.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: bf863f2e32ddbb22f724ba98db0e898773e13b9ae6fefc8e185c6049b86e1e71

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 396

GET
H/1.1 200
OK blocks.css
www.moneydj.com/kmdj/App_Themes/Gold/ 5 KB
2 KB 778ms
261ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/blocks.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 9139cc5cfdbdc0aaddafbf5e325198286e32661a8788da905ea377a3f41bb621

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2019 08:33:07 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1335

GET
H/1.1 200
OK dhtmlwindow.css
www.moneydj.com/kmdj/App_Themes/Gold/ 1023 B
703 B 998ms
247ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/dhtmlwindow.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 2b87c3a88a9e0434eecab706237d91f41359b555a4f8d48624f3664ce7923b2d

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 456

GET
H/1.1 200
OK editform.css
www.moneydj.com/kmdj/App_Themes/Gold/ 1 KB
734 B 1002ms
250ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/editform.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 0bbe6c00bc9231cc9c2b0709c753f0b10df1a976b8b96e819c84dfdaf734d659

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 487

GET
H/1.1 200
OK FileUploader.css
www.moneydj.com/kmdj/App_Themes/Gold/ 2 KB
869 B 1007ms
251ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/FileUploader.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: b014f174a464163b111888cd2f6b6778d2f02046bc5bc54db7dbba87e6db1b7f

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 622

GET
H/1.1 200
OK modal.css
www.moneydj.com/kmdj/App_Themes/Gold/ 416 B
676 B 1024ms
255ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/modal.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 8b0fac12f6bbb9ca9347f6ae2b57877decace3c9a4502a4366cd344381c443ca

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 429

GET
H/1.1 200
OK NewDetault.css
www.moneydj.com/kmdj/App_Themes/Gold/ 60 KB
13 KB 1035ms
258ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 7fcd4f15c4140d7415b9fe3a9d82595a7ead612ad6b92b9b240b1678e1b02090

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Mar 2021 08:59:03 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 13282

GET
H/1.1 200
OK paging.css
www.moneydj.com/kmdj/App_Themes/Gold/ 2 KB
745 B 1221ms
250ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/paging.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: ff8595413cb6b638ef484a7e048468e78df087088a9b6c111d6e527b5c5d8587

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 498

GET
H/1.1 200
OK RadMenu.css
www.moneydj.com/kmdj/App_Themes/Gold/ 3 KB
1 KB 1245ms
247ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/RadMenu.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: e51c94a436ad04dbd2f2295c65c1c138404500bd4408e290bcba7409a0fb9218

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 789

GET
H/1.1 200
OK TableLayoutCss.css
www.moneydj.com/kmdj/App_Themes/Gold/ 13 KB
1 KB 1251ms
250ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/TableLayoutCss.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: ab5a12172c767b9102da6612a1e9220a55a008c30d463ebbda2d9880cb775ca4

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1201

GET
H/1.1 200
OK treeview.css
www.moneydj.com/kmdj/App_Themes/Gold/ 2 KB
668 B 1255ms
250ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/treeview.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: a04ff2c6ab7ad41629063483eb23a5edad226bc9529668faecfb162d63bfcb9f

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 421

GET
H/1.1 200
OK Window.css
www.moneydj.com/kmdj/App_Themes/Gold/ 4 KB
1 KB 1280ms
258ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/Window.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 915852e0927e016c97825306f47b4e7cc7450fb87de9ae737ed10bdfa63b00bd

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1104

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 2 KB
1 KB 2237ms
248ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=k9fK3N8Y/xks5O7bF9QbciBhvy0=&t=/kmdj/js/wikiTagJQ-min.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: c3d57d470fc761d3a241b4389a041509526fd9821cb724cfed0eda882f452f4b

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 1053
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 286 B
404 B 2254ms
250ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=C5YK78iaVfq7cvuaiQP7X5CUdoI=&t=/kmdj/js/jquery.utils.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 7e9771aafa927d70fd735020afc98f1aa2c2167f206f43352b6d721d70a856d9

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 209
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 199 B
354 B 2257ms
250ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=xMMrY+LHswYlfG4bqA9HAYCtogo=&t=/kmdj/js/linkhandler.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 4bd40758f4ea07ce84f9faec3e5b88429309b006082e16d2ab938e861ac49bde

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 159
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 10 KB
3 KB 2277ms
247ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=Fw8yc39IiKeuI5936024lUJRsJQ=&t=/kmdj/js/jQuery.MultiSelect.Widget.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 8989d049c6d96ef8534368983923e2527f3b899310d6c623e23142823d24ea82

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 3261
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd
www.moneydj.com/kmdj/ 2 KB
802 B 1281ms
249ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=Cjprpj44ZJd0fQAMoHhsFGUJXHs=&t=/kmdj/Css/jQuery.MultiSelect.Widget.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 4babe7b03c861ffd20b3cb0bc4f83a6fd404ff3360090f8033db4f7ea393a91e

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:43 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:44 GMT
Cache-Control: public
Content-Length: 614
Content-Type: text/css

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 9 KB
3 KB 2298ms
267ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=b2P4eq9qyrL7TWVw1uxZ+r2MqWo=&t=/kmdj/js/dhtmlwindow.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: c8748716913d8745598f8d951fb16ff416f609c3f80675b33616499eb5f21ac1

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 2965
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 2 KB
998 B 2315ms
258ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=3rxqeMH3l/64tBPrqzCNCw19pSM=&t=/kmdj/js/modal.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 2f1df89591ec8f48a6dc4ba04688bd9d09d28dc9e49de12ccd40f4627515772c

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 803
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 500 B
499 B 2483ms
248ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=YpecCy8iZSiuTy+kS76xnIdAzd8=&t=/kmdj/js/chart/chart_setting.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 30ae3a086a91c3252a3a9af0764e1f47a838ebb45e8b019baf04edc4606e347a

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 304
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 1 KB
558 B 2501ms
251ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 21fd600f77fa9cdcdf0342229cd39d622a88337ede6a780577454c0d5a7f6df4

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 363
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 936 B
747 B 2687ms
433ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=q7EdfF8KgwFJOwC7PhYGd+YRiuU=&t=/kmdj/js/chart/execuChart.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 8452a1cc15705046dd0d5f5b62b74bd212f9440ebdd8c150127815a192e0405a

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:46 GMT
Cache-Control: public
Content-Length: 552
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 10 KB
3 KB 2523ms
247ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=7rt+cG90+J06yVm+oDq3vvysfpA=&t=/kmdj/js/util.string.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: f74dad533f65177fc4ac3d1382e9e9d465e5d7c5ff96a6999cf1d668590e3003

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 2921
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 2 KB
1 KB 2549ms
252ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=bRc/L51RQbXhJWs2p0QPfdDodQs=&t=/kmdj/js/MicroBlogFW.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 9d1e7cd507f100a1f1322846a870f5033fb847fcaf1fc5f4892f5ca573c34ee4

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 920
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 4 KB
2 KB 2569ms
255ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=y1uWJZqmH1yGRBIrhZa03KJRVzE=&t=/kmdj/js/jquery.ui.core.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 36fd029b3bafd141fb21f2c4fb4a832aa48f599e97dd83f9496422f9dd812658

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:45 GMT
Cache-Control: public
Content-Length: 2016
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 47 KB
12 KB 2740ms
258ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=oIBwxSo2cigVxkQ8AkkY2I0XicQ=&t=/kmdj/js/jquery.ui.datepicker.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 9bb36d1ec58f42e7a5359aa8a20bf228ee07ef0cfd2466682aa1e238f9627cc8

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:46 GMT
Cache-Control: public
Content-Length: 12072
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd
www.moneydj.com/kmdj/ 7 KB
2 KB 1479ms
265ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=U6wzzlQE24rywAkJkRWqIn4YXTE=&t=/kmdj/Css/jquery-ui-1.8.16.custom.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 8957e2ee20b6aabb9a9350f35fc95f8f0f88cd29651d1ef9e0ac624db0476ca8

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:44 GMT
Cache-Control: public
Content-Length: 1814
Content-Type: text/css

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 344 B
388 B 2751ms
251ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=v5m9X0GbOtx0LHPeOXQ9tRPNUnU=&t=/kmdj/js/Watermark.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: d6e530c426e1f8a9fcd59adaad82922ea478b41fd8e1f714ce316b4200247cc9

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:46 GMT
Cache-Control: public
Content-Length: 193
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 3 KB
1 KB 2765ms
247ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=vV5y3/G4qdLvh9RzyZHY0eaCgEw=&t=/kmdj/js/Tabs.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 232e47c1199ade628e6ab88540abca7c1789da3e79f1788b9a6a6448384df52d

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:46 GMT
Cache-Control: public
Content-Length: 983
Content-Type: text/javascript

GET
H/1.1 200
OK Js.axd Show response
www.moneydj.com/kmdj/ 5 KB
2 KB 2798ms
253ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/Js.axd?k=e6fnz3Ja44/m+3jOe55yRL2XYHQ=&t=/kmdj/js/HotTabs.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 86261953c1068a5868e785e5ad1883d11387c122d573d16fc6ea4f39ae69ebd7

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Expires: Wed, 23 Mar 2022 01:26:46 GMT
Cache-Control: public
Content-Length: 2041
Content-Type: text/javascript

GET
H/1.1 200
OK WebResource.axd Show response
www.moneydj.com/KMDJ/ 23 KB
6 KB 2824ms
258ms Script
application/x-javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/WebResource.axd?d=UoTuX86ElZ_KcpR6Q4v2n_-Gq9Z5wZFc_uhSuIr5zgYMuTor1ijip8cCUoBb2Fm-iSGapDckmKlbsLphi97TW_Mlsh01&t=637118521340000000
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Sep 2020 21:24:48 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 6007
Expires: Wed, 23 Mar 2022 00:21:02 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 34ms
29ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c69c084a448c3a9bf38acccb3b13de079aa5d06202aec2659a1a0e19d4e43f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qmZX6p1tv/BM51h51rL9OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "0ab444474500f3dd8e11c64dab872e43"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-qmZX6p1tv/BM51h51rL9OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:43 GMT

GET
H/1.1 200
OK djchannel_White.css
www.moneydj.com/z/js/ 5 KB
1 KB 1479ms
247ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/z/js/djchannel_White.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: b308975aadeba3f6ab3008fc1a6b6199b713ebccb5db1161693ed29a0b7b5f49

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Mar 2015 10:08:15 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1132

GET
H/1.1 200
OK djchannel.js Show response
www.moneydj.com/z/js/ 11 KB
3 KB 2931ms
250ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/z/js/djchannel.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 4f352d28d3fe7b60091e674db1af430d3aa787e74671affdc2cdde1e7147458d

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Mar 2018 07:09:32 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2961

GET
H/1.1 200
OK Arrow_Down_Black.png
www.moneydj.com/images/ 944 B
1 KB 368ms
251ms Image
image/png 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/images/Arrow_Down_Black.png
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 6ebfc4a255941a51a405c59b3d532ae0afe9cdec2591374ac1ea80d553f5594b

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 25 Apr 2013 03:41:24 GMT
Accept-Ranges: bytes
Content-Length: 944
Content-Type: image/png

GET
H/1.1 200
OK spacer.gif
www.moneydj.com/kmdj/images/ 43 B
400 B 368ms
259ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/images/spacer.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK gBT_Search.gif
www.moneydj.com/kmdj/images/ 531 B
732 B 570ms
246ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/images/gBT_Search.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 860406da40dabcde2a28290ae1bd4042efba6fa45e0f6e6c81c0424f8f872418

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 531
Content-Type: image/gif

GET
H/1.1 200
OK jdMenu.js Show response
www.moneydj.com/funddj/Menu/ 2 KB
1 KB 254ms
254ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 2c8b37d814f6f66fbd36a7e1e2aff7acf9c0275d024cde9c18e717c6d1ddecdd

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Apr 2011 10:03:16 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 638

GET
H/1.1 200
OK viewcount.js Show response
www.moneydj.com/KMDJ/js/ 634 B
750 B 250ms
250ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/js/viewcount.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: d8da4fc00e7d4ab411ce2d5d205f709cbd4935be6e8f50e897d45ff9e60de503

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 332

GET
H/1.1 200
OK Collect.gif
www.moneydj.com/kmdj/Icons/ 1 KB
1 KB 261ms
260ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/Icons/Collect.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: fcbe14a8ddb57fc5916dcbce7a41954412ed2559c2696f9be3538b77e108c672

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 1033
Content-Type: image/gif

GET
H2 200 all.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/all.js

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

adb104594eee1698de436d0c4528dde7b292ccb88c20a93cdfcc4d3f08fca8cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: YnnsqC9CIJ11JCRyshizBA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1782
x-fb-rlafr: 0
x-fb-debug: d6ERI4zJqErJE0SBHDpsSeEfJ4Tl6I77pj7AxtpodeTcn/ZzzS9bjsOJS4tc6EKtb8w7jMstswAOPTy1T05pZA==
x-fb-trip-id: 917726464
x-fb-content-md5: d018277506b6e60216403e687f95106b
x-frame-options: DENY
date: Tue, 23 Mar 2021 01:26:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "fa6eb077f34ef4a40c996c877fcb36d3"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 23 Mar 2021 01:31:36 GMT

GET
H/1.1 200
OK getTextAD.aspx Show response
www.moneydj.com/ads/ 19 B
403 B 255ms
255ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA435&notable=1
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 136
Vary: Accept-Encoding
Content-Type: text/javascript; charset=big5

GET
H/1.1 200
OK getTextAD.aspx Show response
www.moneydj.com/ads/ 19 B
551 B 251ms
251ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA56&NoTable=1
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 136
Vary: Accept-Encoding
Content-Type: text/javascript; charset=big5

GET
H/1.1 200
OK getTextAD.aspx Show response
www.moneydj.com/ads/ 19 B
477 B 256ms
255ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA382&NoTable=1
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 136
Vary: Accept-Encoding
Content-Type: text/javascript; charset=big5

GET
H/1.1 200
OK getTextAD.aspx Show response
www.moneydj.com/ads/ 19 B
477 B 248ms
247ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA436&NoTable=1
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 136
Vary: Accept-Encoding
Content-Type: text/javascript; charset=big5

GET
H/1.1 200
OK GetFormAd.aspx Show response
www.moneydj.com/ad_form/ 2 KB
1 KB 254ms
251ms Script
text/html 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/ad_form/GetFormAd.aspx
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: f1c4b0c685e07c923b70f28bacce7a2aa9894beb4e96bbc373401bad66419495

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 905
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK ProjectList.js Show response
www.moneydj.com/funddj/js/ 4 KB
2 KB 250ms
248ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/js/ProjectList.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 1d4f6e8496ceeb03a651b50e48e62aaec6074c8c9c4f4ff7a6cab2f728400e21

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Oct 2015 07:08:48 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1368

GET
H/1.1 200
OK LogJS.axd Show response
www.moneydj.com/InfoSvc/ 523 B
1 KB 397ms
396ms Script
text/html 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/InfoSvc/LogJS.axd?a=KM_A
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: cf08bccfda54119a685d055d8507ec870587c4923022cad5f8ff9e0f06aa989f

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Length: 573
Expires: -1

GET
H/1.1 200
OK network.js Show response
cdn.innity.net/ 10 KB
4 KB 156ms
46ms Script
application/javascript 95.101.178.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/network.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.101.178.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-178-219.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d8d63c4af4bac69242b78473a8bf1ddf615cfeaa81c4dccdf042e53ec7250a59

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 07:39:17 GMT
Server: Apache
ETag: "285c-5676e96c35340-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3290
Expires: Wed, 24 Mar 2021 01:26:47 GMT

GET
H/1.1 200
OK getTextAD.aspx Show response
www.moneydj.com/ads/ 276 B
497 B 264ms
252ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA105
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: b1d4c3a337686c06292a38e20dcdbec4ba9fd2cb2f38c8c2ccf23227f074387f

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 304
Vary: Accept-Encoding
Content-Type: text/javascript; charset=big5

GET
H/1.1 200
OK bt-news-search.gif
www.moneydj.com/kmdj/Images/ 2 KB
2 KB 251ms
249ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/Images/bt-news-search.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 2e73791f77b96b34a35920a22df77abfa664441d46662dcb8a806e3a5822874d

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 2043
Content-Type: image/gif

GET
H/1.1 200
OK getTextAD.aspx Show response
www.moneydj.com/ads/ 19 B
329 B 250ms
249ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA448&notable=1
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 136
Vary: Accept-Encoding
Content-Type: text/javascript; charset=big5

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
19 KB 209ms
98ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

e996784cacd24396160deff0366e192d503bab24c17c28b9692b087e2fb7ce5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 936 of 1000 / last-modified: 1616450900"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19748
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:47 GMT

GET
H/1.1 200
OK jdMenu.css
www.moneydj.com/KMDJ/Css/ 2 KB
1020 B 259ms
258ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/Css/jdMenu.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: ec4fb247cdece26f52a88d2ece2fad744bf82514515b807b87cc50138c28e0e0

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 773

GET
H/1.1 200
OK djchannel_All.css
www.moneydj.com/z/js/ 11 KB
2 KB 266ms
257ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/z/js/djchannel_All.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: ef3e9b463af56b1e81e56d5a7da0fe840b1ed804c2c6fc931c88f8bec7a72fcf

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Jul 2018 00:44:15 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1526

GET
H2 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ 285 KB
101 KB 164ms
53ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:47 GMT

GET
H2 200 pb.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ 1 KB
541 B 310ms
309ms Script
text/html 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.bid?acid=HNZxfTvxAzmOQSos1ENZYA&haid=Hhc9Br-U&hzids=HaIe9M--,HaI69M--,HaIi9M--
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Hhc9Br-U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 9c975e6d48676798bdc22a92d89aaf3f0a98dc764fe66a7f43dda0dea3389c33

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:47 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie.djjs Show response
www.moneydj.com/z/js/ 2 KB
1 KB 250ms
249ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/z/js/cookie.djjs
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/z/js/djchannel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: f96ff5c085cc5430ec69c67418f7fde356974d05a8216ea1bdf6cf5974eb169b

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Mar 2021 00:06:19 GMT
DJ_Expired:
Content-Type: text/javascript
Cache-Control: private
Content-Length: 786
Expires: Tue, 23 Mar 2021 01:41:48 GMT

GET
H/1.1 200
OK chartall.1.2.1.js Show response
www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/ 785 KB
195 KB 267ms
266ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/chartall.1.2.1.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: e61641df53d13dc883a7586f4a43b24545aef0c2d414ac7aaa90159605bc3413

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Apr 2014 06:30:37 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 198755

GET
H/1.1 200
OK MbChart.Config.1.2.1.js Show response
www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/ 9 KB
4 KB 251ms
249ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/MbChart.Config.1.2.1.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: c8e74b60a68fe6dfaa44e5ec7924fc3852d42c8f12b4107da837a9ad5e99655d

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Feb 2014 08:23:22 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 3262

GET
H/1.1 200
OK FundView.1.2.1.css
www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/ 21 KB
4 KB 248ms
247ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/FundView.1.2.1.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 5c53384eb57611a57a6136766a39fc6deb5da74db2bcc95629cea73f9d87abca

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Feb 2014 07:11:29 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 3713

GET
H/1.1 200
OK MbChart.Config.1.2.1.js Show response
www.moneydj.com/KMDJ/js/chart/ 9 KB
4 KB 249ms
247ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/js/chart/MbChart.Config.1.2.1.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 3940065d52f8b53136b319b9a420063253dcece16b6b6e7ea9367595ae655b54

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 3250

GET
H/1.1 200
OK techCalc.min.js Show response
www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/techCalc/ 21 KB
6 KB 491ms
253ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/techCalc/techCalc.min.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 2221258151c74d7b31ce133e4a84ffc81569f3282aec1137560de34a0f7b3881

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Oct 2016 02:31:14 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 5363

GET
H/1.1 200
OK CSD.js Show response
www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/CSD/1.1/ 56 KB
12 KB 509ms
260ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/CSD/1.1/CSD.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 22a3b24ffae61de035e980f880569ae085f732bde05715192e963bfae2be2c8a

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Oct 2013 09:19:36 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 12206

GET
H/1.1 200
OK CSD.css
www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/CSD/1.1/ 14 KB
3 KB 415ms
255ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/CSD/1.1/CSD.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 52ca43c7ddac4c3c8d0a803f2bebceae02d3243b34fbcabc640906a4fa04ab19

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Oct 2013 09:53:25 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2738

GET
H/1.1 200
OK ListView.min.js Show response
www.moneydj.com/DJJSLib/CanvasChartSVC/extend/ 5 KB
3 KB 494ms
246ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/DJJSLib/CanvasChartSVC/extend/ListView.min.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 2e27421fef03ae533242b5a35b3a198994db9dc580ed6c5a8977614eba50ee37

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Mar 2013 06:47:20 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2134

GET
H/1.1 200
OK chartloadobj.js Show response
www.moneydj.com/KMDJ/js/chart/ 10 KB
4 KB 501ms
251ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/js/chart/chartloadobj.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 66d1325c8c80043fe112b0b8006a599e2d318a9f8088ef92863cd6d7bec92e2d

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 3210

GET
H/1.1 200
OK chartload.js Show response
www.moneydj.com/KMDJ/js/chart/ 7 KB
2 KB 670ms
255ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/js/chart/chartload.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 54b85078e8213f91293b00f73111d5446826454d1d755339086be35238c019b6

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2087

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 181 KB
46 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d5908dd7471e235f10948142642080bb619ba460376d32659788a0a7c3f6411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47452
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 00:19:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Mar 2021 01:26:47 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ 142 KB
50 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b1e4b6799aa648960345ee40c4824edf0aa9f253c3cdfc6b4ddb3251f9c071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 16:28:44 GMT
server: sffe
age: 439315
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50982
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:24:52 GMT

GET
H/1.1 200
OK banner.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 382 B
740 B 384ms
265ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/banner.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 2718d43e3dd253a6a4a2997e5f4ee6b3eb8bcd4581453ac3a70b2858f6af2b25

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 382
Content-Type: image/gif

GET
H/1.1 200
OK Logo-Wiki-200x115.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 8 KB
8 KB 289ms
252ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/Logo-Wiki-200x115.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 056ae0c995e2cb4118407bff91ed2a1365bd563f52b8806ae70ce8d4ce1e7971

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 7868
Content-Type: image/gif

GET
H/1.1 200
OK logo-wiki-news200x115.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 7 KB
7 KB 543ms
251ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/logo-wiki-news200x115.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: f36851f555778bcca0fee94e6b673d99431ec704b0bcb1526cda4e38037f4464

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 7239
Content-Type: image/gif

GET
H/1.1 200
OK top-menuBG.jpg
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 604 B
806 B 560ms
257ms Image
image/jpeg 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/top-menuBG.jpg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 106c04904b570c07db36ece67fd06343462f684f7335ba4079b11a1d7238adcf

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 604
Content-Type: image/jpeg

GET
H/1.1 200
OK search-bg.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 2 KB
2 KB 571ms
247ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/search-bg.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: d078224b4409d3443f851562e6707e68e258f7c32159f7c3e917eaf8e9e87bac

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 1653
Content-Type: image/gif

GET
H/1.1 200
OK jquery.bgiframe.js Show response
www.moneydj.com/funddj/Menu/ 5 KB
2 KB 560ms
258ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/Menu/jquery.bgiframe.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 79a002b68c2f4e69aad0de6feb75b5cddaf84924b336954e782c68cd5cea0130

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jan 2009 07:57:22 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1796

GET
H/1.1 200
OK jquery.dimensions.js Show response
www.moneydj.com/funddj/Menu/ 3 KB
2 KB 681ms
250ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/Menu/jquery.dimensions.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 0282e0f6178e8571e579219591a7da1e44e728b89cbbc636cc076381cbf9e806

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jan 2009 09:42:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1290

GET
H/1.1 200
OK jquery.positionBy.js Show response
www.moneydj.com/funddj/Menu/ 8 KB
3 KB 726ms
256ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/Menu/jquery.positionBy.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: f55dc50f6554bf0cc63a933da57b95bdf8468ed4f91667cf67554c3652c9c47d

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jan 2009 07:34:26 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2890

GET
H/1.1 200
OK jquery.jdMenu.js Show response
www.moneydj.com/funddj/Menu/ 5 KB
2 KB 775ms
254ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/Menu/jquery.jdMenu.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: dc69cbb04dd6ae64f63a71acdf08c28fc15eaec9204e4b09aec68812572e0707

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 May 2015 04:29:34 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1722

GET
H/1.1 200
OK jquery.jdMenu.css
www.moneydj.com/funddj/Menu/ 2 KB
941 B 262ms
255ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/Menu/jquery.jdMenu.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: e55db04564069cf9e13c156b85c783ba19ead2ec7614592bbf72c1694ece07d9

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Apr 2011 10:03:16 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 667

GET
H/1.1 200
OK jdMenuGen.js Show response
www.moneydj.com/funddj/Menu/ 9 KB
2 KB 777ms
245ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/Menu/jdMenuGen.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 8536b5e98da7156d3c79f37ff3cd76d7f793e63b1f8675253643fb78a0056c5f

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2015 06:45:23 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2023

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7102
date: Mon, 22 Mar 2021 23:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Mar 2021 01:28:25 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
5 KB 192ms
63ms Script
text/javascript 13.226.155.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-36.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 15123121
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: kl87ODp1Ombux5aDJU2Ja5JFpCQWSk-_M8t9gX8fGhWC9fZvUpmpWw==

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 75 KB
25 KB 27ms
6ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:19:36 GMT
content-encoding: gzip
age: 431
x-guploader-uploadid: ABg5-UxB7v1mU8DjXZ2WEHs0CcMFm13dRLsyrHlqnNGBgpSNLaarnOV7D2h3DvCyrBVpH0WvfT7lZz4Qs_VALRIaJfPZnKcf6Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 25572
last-modified: Thu, 28 Jan 2021 18:21:54 GMT
server: UploadServer
etag: "765779983eed1c9fc2821b4507eea08b"
vary: Accept-Encoding
x-goog-hash: crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation: 1611858114590219
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 25572
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 23 Mar 2021 01:29:36 GMT

GET
H/1.1 200
OK NewsAD.css
www.moneydj.com/funddj/ad/ad_news/ 420 B
615 B 335ms
250ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/ad/ad_news/NewsAD.css
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: e00b504aa169ae611abc550b7f609a2be2d0427d8d3029e0c27a94f33fc6874b

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Feb 2017 08:06:17 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 341

GET
H/1.1 200
OK NewsAD.js Show response
www.moneydj.com/funddj/ad/ad_news/ 822 B
819 B 263ms
252ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/ad/ad_news/NewsAD.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: b86a1909d262f05aff9803d767f9bb9832b1ecb64de5be51dd83f6f4bb492092

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Feb 2017 08:04:32 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 531

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: 2E6KfiFOg0jMAwX/hQbzY5OJXAgfVi7vR7V72jWowxB43Q+btKRcwJfzkE7iz0FHjbtLGLMI6zBnkvlOm8TP5g==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Mar 2021 01:26:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=33501131&ns__t=1616462807857&ns_c=UTF-8&c8=%E4%BA%AC%E5%9F%8E%E9%8A%80%E9%81%95%E5%8F%8D%E4%BF%9D%E9%9A%AA%E6%B3%95%EF%BC%8C%E9%81%AD%E8%99%95%E7%BD%B0%E9...
https://sb.scorecardresearch.com/b2?c1=2&c2=33501131&ns__t=1616462807857&ns_c=UTF-8&c8=%E4%BA%AC%E5%9F%8E%E9%8A%80%E9%81%95%E5%8F%8D%E4%BF%9D%E9%9A%AA%E6%B3%95%EF%BC%8C%E9%81%AD%E8%99%95%E7%BD%B0%E...

0
528 B

67ms
58ms

Image
text/plain

184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=33501131&ns__t=1616462807857&ns_c=UTF-8&c8=%E4%BA%AC%E5%9F%8E%E9%8A%80%E9%81%95%E5%8F%8D%E4%BF%9D%E9%9A%AA%E6%B3%95%EF%BC%8C%E9%81%AD%E8%99%95%E7%BD%B0%E9%8D%B0180%E8%90%AC%E5%85%83%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&c7=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&c9=&cs_ak_ss=1
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:26:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=33501131&ns__t=1616462807857&ns_c=UTF-8&c8=%E4%BA%AC%E5%9F%8E%E9%8A%80%E9%81%95%E5%8F%8D%E4%BF%9D%E9%9A%AA%E6%B3%95%EF%BC%8C%E9%81%AD%E8%99%95%E7%BD%B0%E9%8D%B0180%E8%90%AC%E5%85%83%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&c7=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 23 Mar 2021 01:26:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 16ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 393ms
332ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=77596448530770&correlator=255733123396700&output=ldjh&impl=fifs&eid=31060469%2C31060472%2C31060367%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=126805407%2Cmoneydj_news_content_160600_1%2Cmoneydj_AllChannel_72890_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=160x600%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1616462807&dt=1616462807921&dlt=1616462803574&idt=4313&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C514&adys=-9%2C52&adks=492727391%2C324619989&ucis=1%7C2&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C728x90&msz=0x-1%7C728x-1&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=false&fws=2%2C0&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

55692d2418e221e86567313b9a2f6965944b2a0ee6051e2aa24078fa8abbd489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8069
x-xss-protection: 0
google-lineitem-id: 5375506317,5633668208
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138322159628,138341513780
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.moneydj.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 51ms
14ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=780963279&t=pageview&_s=1&dl=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ul=en-us&de=UTF-8&dt=%E4%BA%AC%E5%9F%8E%E9%8A%80%E9%81%95%E5%8F%8D%E4%BF%9D%E9%9A%AA%E6%B3%95%EF%BC%8C%E9%81%AD%E8%99%95%E7%BD%B0%E9%8D%B0180%E8%90%AC%E5%85%83%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=401287952&gjid=1728009897&cid=982085864.1616462808&tid=UA-8400411-3&_gid=731735234.1616462808&_r=1&gtm=2wg3h0XBJJ&z=830875009

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.moneydj.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2550982111798094 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2550982111798094?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6661778f4f1de5f54428af65000d4aa388083b927b6d00e25f2558d86c867dd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70549
x-fb-rlafr: 0
pragma: public
x-fb-debug: U7zCBFJSM1MHkgYCSbMv9q1nF2QO1ugpfJ2EB4NWghuJy/SydCEpHaVhHvHUzQRVr+wCCR/AMW5GNJQ2Xzvf0w==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 23 Mar 2021 01:26:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-8400411-3&cid=982085864.1616462808&jid=401287952&gjid=1728009897&_gid=731735234.1616462808&_u=YAhAAEAAAAAAAC~&z=1209090417

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Mar 2021 01:26:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.moneydj.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
17ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-8400411-3&cid=982085864.1616462808&jid=401287952&_u=YAhAAEAAAAAAAC~&z=1948425909

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
16ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-8400411-3&cid=982085864.1616462808&jid=401287952&_u=YAhAAEAAAAAAAC~&z=1948425909

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
265 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2550982111798094&ev=PageView&dl=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&rl=&if=false&ts=1616462808121&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616462808110.423116056&it=1616462808030&coo=false&rqm=GET

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 01:26:48 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 196ms
60ms Image
image/gif 13.226.155.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E4%BA%AC%E5%9F%8E%E9%8A%80%E9%81%95%E5%8F%8D%E4%BF%9D%E9%9A%AA%E6%B3%95%EF%BC%8C%E9%81%AD%E8%99%95%E7%BD%B0%E9%8D%B0180%E8%90%AC%E5%85%83%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&time=1616462808128&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&random_number=18780753453&sess_cookie=4c75ddd91785cb1043d7301151d&sess_cookie_flag=1&user_cookie=4c75ddd91785cb1043d7301151d&user_cookie_flag=1&dynamic=true&domain=moneydj.com&account=2V1dn1a4KM107i&jsv=20130128&user_lang=en-US
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-67.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 03:56:09 GMT
Via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 77440
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: dqC-pAMS8AFv9TAEh_2aUje6nqXga0mnfg2Wc4nnvRycREWDvMpbyA==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9CCB 0
0 116ms
114ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9XAtdcLyPE5Qt8erGWu23ImfPZ4-X89MwF1shTulJXK13fnDcDGSxmY8focu3qunHTEHFUgC2Og9Gv2Y4SkgJHHGHOqykxpbNK7DzuBnEF9NWOJs4L-NA-yeMymt-E2i4MV5hTvmNPZNlRswl1odUYhBDWxMjkiQTUkoRaG1frUGdz5UpErEghDhPFJu4-vJ3UKO2FQ96aVzUrqAB6tqTQ19z7v6ofenaHgIrWJ2hCBOmiYq1aYLUOslgdnlRstVgnSFGibNCvGS9Cf4YiMaX4o3nQu8j73oeUTPsDvkXPvVfR9CxO-llP41mKQ&sai=AMfl-YS59-i9MkE4ron3cmsuFhYfocZ9mDG7SX38o69ymAEhVDapAe16TYtpCZGcUh_RcAZUBzCU8W0uW53xymHxXoAJfPMRCDardOmZ0lGqyaznngFiK0P7yQqqjjum-s8&sig=Cg0ArKJSzEYAtBOIOJGQEAE&adurl=

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:26:48 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 9CCB 2 KB
2 KB 52ms
31ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CCB 117 KB
36 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:48 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9CCB 0
0 19ms
18ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQk0pjqlM-TWHh-gEmGFuHwdFrNJHHVxgrAHSnbJSpojPExWqCcNZC5tRu6mXMTNyAd_2VA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 174682403159478150
tpc.googlesyndication.com/simgad/ Frame 9CCB 21 KB
21 KB 52ms
32ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/174682403159478150

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6a4e57155cac27dada03504ce8a6cf26c9820535cc633427c6dbe95b117bd6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 18:02:10 GMT
x-content-type-options: nosniff
age: 113078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21112
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 07:48:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 18:02:10 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 213ms
212ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49f3a596465ec35441ddef2884e107916aab09d37dedcd36d785a4e313c0043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429055681843"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:48 GMT

GET
DATA 200
OK truncated
/ Frame 9CCB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70cbac26b21869bad05af441aae8033f8eb59131dcdc9d4115676a30e4ca947a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9CCB 0
0 157ms
98ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0s7bJBjGODsUwg0QGc02n8uqwpQXfxnNkeF_h8QnuvN6UQx-njB_eoNSylvOapKYsjvk4w-k9Af8f6ob-jbWZ-guoLKD3lVcLcvRSXBxJ-5avk1oZA1iTvT_7xpcbbE5e90EAHSQxIXI7GJNoctrRRg1awqQs6KLV_QEWgNlM-mWIDNrVxtdpyKVvm8CjIqPhKnfJaSyLcHLVLe0VCPlflK5tP3B-TfnPfinKb0bZ1hyuZCfeIVgWFgUAW_pGF8IEsB_zgZGW_VbRYfFhj0PL6SKaZM2OH6qXS42Ge-FlSgO9pzkhN1e6wAvJfGkA&sai=AMfl-YRum8KFIVvi_JuKg3g-nBqVMxcENmFHu6g4q9EZx3ZmWvpnQKBXrH_7EL5DAucOYu3ADI6NMzrNdEVmzSt1bLzPlPmqZW9h-VFIL1jsuPitgMaj-mcTlilpOEhWRcA&sig=Cg0ArKJSzIyt-FGqViaOEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:26:48 GMT

GET
H/1.1 200
OK HeadLineNews.axd Show response
www.moneydj.com/KMDJ/ 50 KB
50 KB 267ms
265ms XHR
application/json 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/HeadLineNews.axd?a=1
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 58962d431eb1adc153daba12e93b41144f8165596c83e5fc24587ce4408e99db

Request headers

Accept: */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Cache-Control: public, max-age=86400
Content-Length: 50987
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK HeadLineNews.axd Show response
www.moneydj.com/KMDJ/ 50 KB
50 KB 438ms
258ms XHR
application/json 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/HeadLineNews.axd
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 58962d431eb1adc153daba12e93b41144f8165596c83e5fc24587ce4408e99db

Request headers

Accept: */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Cache-Control: public
Content-Length: 50987
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK GetADPage.aspx Show response
www.moneydj.com/KMDJ/ad/ Frame B1EF 3 KB
2 KB 359ms
254ms Document
text/html 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 6f5e68d657e2cc42be1e24fe36eabb7bbe7c742ea7259f3abd9190da2e87ad8d

Request headers

Host: www.moneydj.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ASP.NET_SessionId=yffw43jjqynlty45ipq4rr45; USER=; _Rel_KM=KM_A:DB144B15-B069-4ACB-9667-58E911B8AC66; _ga=GA1.2.982085864.1616462808; _gid=GA1.2.731735234.1616462808; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221785cb103ec357-00d8d3edd21aa9-5771e33-1d4c00-1785cb103ed6c9%22%2C%22%24device_id%22%3A%20%221785cb103ec357-00d8d3edd21aa9-5771e33-1d4c00-1785cb103ed6c9%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _fbp=fb.1.1616462808110.423116056; __asc=4c75ddd91785cb1043d7301151d; __auc=4c75ddd91785cb1043d7301151d; djaid=1.daf3fd5d-1101-4fe8-94f2-066b2053793a.1616462808.1039206186.0.0.c4b4a; __gads=ID=1905dfc4667fa077-225e8c4addba00c8:T=1616462808:S=ALNI_MbkIyI7mtXvaUBRmjn_8hR-4wxeCA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Response headers

Cache-Control: private
Content-Type: text/html; charset=big5
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Length: 1483

POST
H/1.1 200
OK db144b15-b069-4acb-9667-58e911b8ac66 Show response
www.moneydj.com/KMDJ/REST/Article.svc/VC/NS/ 54 B
201 B 450ms
255ms XHR
application/json 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/REST/Article.svc/VC/NS/db144b15-b069-4acb-9667-58e911b8ac66
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 07ea18cc47c1d37aa2fd7214af4f5387d84f92126fcccb5804d9100350055f7b

Request headers

Accept: */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Cache-Control: private
Content-Length: 54
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK getTextAD.aspx Show response
www.moneydj.com/ads/ 19 B
329 B 465ms
264ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA288&notable=1
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 136
Vary: Accept-Encoding
Content-Type: text/javascript; charset=big5

POST
H2 200 /
www.facebook.com/tr/ 0
56 B 8ms
7ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQMSORGiPbiFlAjzq

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 23 Mar 2021 01:26:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.moneydj.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK AutoComplete.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 759 B
643 B 260ms
254ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/AutoComplete.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: bf863f2e32ddbb22f724ba98db0e898773e13b9ae6fefc8e185c6049b86e1e71

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 396

GET
H/1.1 200
OK blocks.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 5 KB
2 KB 313ms
255ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/blocks.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 9139cc5cfdbdc0aaddafbf5e325198286e32661a8788da905ea377a3f41bb621

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2019 08:33:07 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1335

GET
H/1.1 200
OK dhtmlwindow.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 1023 B
703 B 344ms
256ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/dhtmlwindow.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 2b87c3a88a9e0434eecab706237d91f41359b555a4f8d48624f3664ce7923b2d

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 456

GET
H/1.1 200
OK editform.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 1 KB
734 B 348ms
255ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/editform.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 0bbe6c00bc9231cc9c2b0709c753f0b10df1a976b8b96e819c84dfdaf734d659

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 487

GET
H/1.1 200
OK FileUploader.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 2 KB
869 B 351ms
251ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/FileUploader.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: b014f174a464163b111888cd2f6b6778d2f02046bc5bc54db7dbba87e6db1b7f

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 622

GET
H/1.1 200
OK modal.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 416 B
676 B 367ms
266ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/modal.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 8b0fac12f6bbb9ca9347f6ae2b57877decace3c9a4502a4366cd344381c443ca

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 429

GET
H/1.1 200
OK NewDetault.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 60 KB
13 KB 525ms
262ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/NewDetault.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 7fcd4f15c4140d7415b9fe3a9d82595a7ead612ad6b92b9b240b1678e1b02090

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Mar 2021 08:59:03 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 13282

GET
H/1.1 200
OK paging.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 2 KB
745 B 567ms
255ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/paging.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: ff8595413cb6b638ef484a7e048468e78df087088a9b6c111d6e527b5c5d8587

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 498

GET
H/1.1 200
OK RadMenu.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 3 KB
1 KB 597ms
253ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/RadMenu.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: e51c94a436ad04dbd2f2295c65c1c138404500bd4408e290bcba7409a0fb9218

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 789

GET
H/1.1 200
OK TableLayoutCss.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 13 KB
1 KB 602ms
256ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/TableLayoutCss.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: ab5a12172c767b9102da6612a1e9220a55a008c30d463ebbda2d9880cb775ca4

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1201

GET
H/1.1 200
OK treeview.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 2 KB
668 B 607ms
258ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/treeview.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: a04ff2c6ab7ad41629063483eb23a5edad226bc9529668faecfb162d63bfcb9f

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 421

GET
H/1.1 200
OK Window.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame B1EF 4 KB
1 KB 623ms
257ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/Window.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 915852e0927e016c97825306f47b4e7cc7450fb87de9ae737ed10bdfa63b00bd

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1104

GET
H/1.1 200
OK WebResource.axd Show response
www.moneydj.com/KMDJ/ Frame B1EF 23 KB
6 KB 823ms
258ms Script
application/x-javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/KMDJ/WebResource.axd?d=UoTuX86ElZ_KcpR6Q4v2n_-Gq9Z5wZFc_uhSuIr5zgYMuTor1ijip8cCUoBb2Fm-iSGapDckmKlbsLphi97TW_Mlsh01&t=637347063180000000
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Sep 2020 21:24:48 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 6007
Expires: Wed, 23 Mar 2022 00:21:02 GMT

GET
H/1.1 200
OK cookie.js Show response
www.moneydj.com/z/js/ Frame B1EF 3 KB
1 KB 844ms
250ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/z/js/cookie.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 0ce8d906856c74a79a728b8d352992c6eb0e39764d3b683036f1f91c9d3455de

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Nov 2003 08:29:00 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1061

GET
H/1.1 200
OK getTextAD.aspx Show response
www.moneydj.com/AdS/ Frame B1EF 2 KB
992 B 875ms
275ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/AdS/getTextAD.aspx?Type=ButtonTextA104&NoTable=
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 944d1e92f6e61d1a25bc4387a3ee70b9f238582824c011d6a27dd2a98d5c2c29

Request headers

Referer: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:49 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 799
Vary: Accept-Encoding
Content-Type: text/javascript; charset=big5

GET
H/1.1 200
OK Arrow_Down.gif
www.moneydj.com/funddj/images/ 51 B
278 B 769ms
258ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/funddj/images/Arrow_Down.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 6e31dd0b786fd91dc338ad47d525a36b9fddc0bedf7fe2245b9ac16aa76c9b5a

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:49 GMT
Cache-Control: max-age=604800
Last-Modified: Mon, 11 Jan 2010 11:40:29 GMT
Accept-Ranges: bytes
Content-Length: 51
Content-Type: image/gif

GET
H/1.1 200
OK Arrow_Right.gif
www.moneydj.com/funddj/images/ 51 B
278 B 984ms
314ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/funddj/images/Arrow_Right.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: f21a824d68a45b591aa88d898736127554a74ac5edef82a6e403e737c8a3e77e

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:49 GMT
Cache-Control: max-age=604800
Last-Modified: Mon, 11 Jan 2010 11:40:51 GMT
Accept-Ranges: bytes
Content-Length: 51
Content-Type: image/gif

GET
H/1.1 200
OK MenuBG_980x28.jpg
www.moneydj.com/funddj/images/ 2 KB
3 KB 960ms
251ms Image
image/jpeg 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/funddj/images/MenuBG_980x28.jpg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jquery.jdMenu.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 267d3023a0ce2ebe1c367a12b5507e4c1ab237d995895204203bb50b274b762e

Request headers

Referer: https://www.moneydj.com/funddj/Menu/jquery.jdMenu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:49 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Aug 2016 03:37:42 GMT
Accept-Ranges: bytes
Content-Length: 2429
Content-Type: image/jpeg

GET
H/1.1 200
OK top-submenuBG.jpg
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 553 B
755 B 986ms
253ms Image
image/jpeg 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/top-submenuBG.jpg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 0e8498b114af094c83453b48310a479f069c13ad7381e6944580a2f1da474f89

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:49 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 553
Content-Type: image/jpeg

GET
H/1.1 200
OK getpublickey.aspx Show response
www.moneydj.com/usr/ 331 B
747 B 726ms
262ms XHR
application/json 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/usr/getpublickey.aspx?type=1&format=1
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 68ba33e806390a8790df5bc803931920314aafe3493f90765424fb2e7c2c5a9c

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:49 GMT
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
Content-Type: application/json; charset=big5
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept

GET
H3-Q050 200 container.html Show response
4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 874F 6 KB
3 KB 58ms
43ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 23 Mar 2021 01:26:47 GMT
expires: Wed, 23 Mar 2022 01:26:47 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 all.js Show response
connect.facebook.net/zh_TW/ 190 KB
58 KB 23ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/all.js?hash=f43c45a95f40b41f987137a76a1d6993&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fbb016406b76787a1cf802efad8a177c0ead551a5c498df305a5d4283b2a3eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.moneydj.com
Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jzi86AfvjIvDfrb2NEvRng==
cross-origin-resource-policy: cross-origin
expires: Wed, 23 Mar 2022 00:33:38 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58418
x-fb-rlafr: 0
x-fb-debug: 6q4wFC2uLu4PU+5qafLnMR1Vi8PHjGxbTZQuMdNulcyPQmpm+27C1C4BXgdqdgSrUITy4GeFSuYjxzhV9Ze/AA==
x-fb-trip-id: 2050670934
x-fb-content-md5: b88772c04fa1da19e8a10239ae4ddbcc
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Mar 2021 01:26:49 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "61503b1a1c215c00d88760201cb9d665"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK Path-Arrow.gif
www.moneydj.com/kmdj/Images/ 53 B
253 B 953ms
252ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/Images/Path-Arrow.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: a3e992b28060b1a3fdb2c53d8ad146f5e557fe73c88d2b789fcaf1b80502f80d

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:49 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 53
Content-Type: image/gif

GET
H/1.1 200
OK ProjectList.css
www.moneydj.com/funddj/css/ 1 KB
569 B 435ms
255ms Stylesheet
text/css 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/css/ProjectList.css
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/js/ProjectList.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: b23267afa1d707f5a280500d8cddc8df14810f33dee697ff83c4484a54c457ea

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Sep 2013 09:49:06 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 295

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 874F 24 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: 4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com
URL: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43751
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:17:38 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 874F 95 KB
34 KB 56ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com
URL: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a2de800c8ce8bc4c36952d1c806996a5093d6426003d8e9c6e9b05248eecaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34665
x-xss-protection: 0
server: cafe
etag: 7667117511100578818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:49 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 874F 117 KB
36 KB 86ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com
URL: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:49 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 51ms
41ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=122887437721589&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/all.js?hash=f43c45a95f40b41f987137a76a1d6993&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 79Mbw+D/aXlBBTakiPf4SUNHxbycVper3KYs++xT9V6cAZT/3JssmSU2NJOmnxkDCKCV3g0tY1XRKep0DjYDZA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Mar 2021 01:26:49 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.moneydj.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 874F 0
0 90ms
81ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhqodLono5DgLvprvWxQKEmcrqVlAOAaW5qhsiOT6AnonfB6aaifaxjur3zDoPaZidFY5JyDnkhELbY8OMoTiiGjBulwwc86YY-M7dlrmF_owr9934HWddgAXCkQnNZl4BS6MU-8VD1KJPfyALTgsq3vBSpCXyvNtxkxtMJ8635YhYxQE5-Aqhx-DbpIkcw0eEXZFZBAP2kvlyhMGgUEc0mgdska-1uo2ib69mmCoBGHpkvhvk3HAlrXllv4jEPcrB0zKP692UizwyqHhJO-JZYkig8kEQvYJ9tspudla-MjRvN6pwtlar9HDsEQR-8Ds&sai=AMfl-YSjMPbuu7WLXrm1BMlHhkpEXTAU9tJ1gLCYakUPbmVroqw_sykFU49OQABAWMDUvXIxhkrn7isWwzllfkSpSehOOcCQyiOZixtGYs-MSEuVLsCKjOgGFYqyQAWlhV4&sig=Cg0ArKJSzPsONyOUZGxdEAE&urlfix=1&adurl=

Requested by

Host: 4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com
URL: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ Frame 874F 226 KB
85 KB 58ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/ Frame 9CEF 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210318/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlElRWCqo3Xvn-FDxDisTisAePfCAK6ycpxWyn17nWtDqs_j57sV-p1FH0vK6I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 15:04:23 GMT
expires: Mon, 05 Apr 2021 15:04:23 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 37346
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 874F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 125335bf6e725340c2f8043971bf13d8206d848d65669e96c6de736104ac3ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9CCB 42 B
479 B 71ms
55ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugyVBla5QI0DCErVJMemw336gBqkA9wgOrvssm52KTURRNvX39mt-MTuaxVCy4HpdqRvXB6J2aVLE0TJ_XBjCPMHmBmw17We9cUUQX5Tk&sig=Cg0ArKJSzPpwYho1wBpcEAE&id=osdim&mcvt=1051&p=52,514,142,1242&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20210319&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=324619989&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616462808377&dlt=0&rpt=305&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 874F 107 B
777 B 68ms
53ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 874F 107 B
531 B 50ms
30ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

CF-160X600_NewsLeftTop.html Show response
adx.doublemax.net/image/creative/20200519/Turn/ Frame D89B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=600&slotname=7595289909%2F10846&adk=1326293989&adf=816031632&pi=t.ma~as.7595289909%2F10846&w=160&url=http...
https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html

530 B
851 B

503ms
337ms

Document
text/html

13.32.21.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com&amaexp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4889e841a6e60260687d67cdc9651c20c8535c65c768bc85d2d783553cb640ea

Request headers

:method: GET
:authority: adx.doublemax.net
:scheme: https
:path: /image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/

Response headers

content-type: text/html
content-length: 530
last-modified: Tue, 19 May 2020 06:40:13 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 23 Mar 2021 01:26:51 GMT
etag: "8e354b140bfcb2cac175e0ec2e4d6215"
x-cache: RefreshHit from cloudfront
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: pzi3yCctys02PzwX3hpJ-wL8b7HJxNGTYQLhmEA4MxuB0hj4iiqTDw==

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 01:26:50 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 874F 73 KB
28 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:49 GMT

GET
H2 200 moneydj.js Show response
api.popin.cc/searchbox/ 111 KB
30 KB 228ms
56ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/moneydj.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B89) /
Resource Hash: 255deb0b3798d26eb99ec5608892f4906336a91397aa91f7bf1ad49e6d4ea401

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:49 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 05:36:05 GMT
server: ECS (amb/6B89)
age: 795
etag: "44dad081d1d5511c97eb6999de3c7d31+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: GPK5V6WE2HEGJ33Y
content-length: 30886
x-amz-version-id: mNXtsusl4jRN4v2LRDob5VE2_CebJ5t7
x-amz-id-2: JuEvH3zP2klYnuy2wn6gINpXAtLg0ugA4/lnbGKaOyFZLeNemm9EU4GOfTPjOmIz9h/wPIcO4V0=

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 0
599 B 1202ms
300ms Script
text/javascript 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1616462809818&ver=1&pub=586f9b4035e5997f77635b13cc04984c&zone=40673&output=js&flash=0&url=www.moneydj.com&width=*&height=*&vpw=1600&vph=1200&auction=4312da6-1ca4287
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/network.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:26:50 GMT
Last-Modified: Tue, 23 Mar 2021 01:26:50 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 0
Expires: Sat, 03 Sep 1983 02:00:00 GMT

POST
H/1.1 200
OK data.aspx Show response
www.moneydj.com/Usr/ 93 B
663 B 257ms
256ms XHR
text/xml 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/Usr/data.aspx?a=1&c=1&d=0&enc=UTF8&b=12c03b6a7c789058330f75d1216db93895171dda4c4ec527ab8a29301adbf7d9cf9aa53638dce6052fe38f395802ea3efd44db61f4ac41594b873c2196b2f24646762ee2bee135a6ef4eb5814c579afb525114ea6f3db3f10ae44a723bf4b424334830894f7b84ce934d49beca24361a0a3021c26bae6354ad485f9502971eb4
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 76135fa1e4413cf5a33b6fdb90efda14b4bbcd8ceb591009e8476c5920c60de3

Request headers

Accept: */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 23 Mar 2021 01:26:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
Content-Type: text/xml; charset=big5
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept

GET
H2 200 td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 52ms
50ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/moneydj.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAD) /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:50 GMT
content-encoding: gzip
last-modified: Thu, 11 Jan 2018 09:42:51 GMT
server: ECS (amb/6BAD)
age: 1232
etag: "17b2e8b253e693d224f7d8407e28e1ea+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: WVGQ5NWP55NEFJ65
content-length: 12707
x-amz-version-id: null
x-amz-id-2: 28vzuW44ho3iiJe1m6cGWCqtptL9MwcC0NjKc9GY9OU2oELy7PD92B2PCP72Xj7R09tiUmj7hbA=

GET
H/1.1 200 recommend Show response
tw.popin.cc/popin_discovery/ 69 KB
15 KB 1633ms
646ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&&device=pc&media=www.moneydj.com&extra=windows&agency=adgeek&topn=50&ad=10&r_category=all&country=tw&redirect=true&uid=fc91dfae22106e881a21616459210076&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidXNlcl90ZF9jaGFyc2V0IjoidXRmLTgiLCJ1c2VyX3RkX2xhbmd1YWdlIjoiZW4tdXMiLCJ1c2VyX3RkX2NvbG9yIjoiMjQtYml0IiwidXNlcl90ZF90aXRsZSI6IiVFNCVCQSVBQyVFNSU5RiU4RSVFOSU4QSU4MCVFOSU4MSU5NSVFNSU4RiU4RCVFNCVCRiU5RCVFOSU5QSVBQSVFNiVCMyU5NSVFRiVCQyU4QyVFOSU4MSVBRCVFOCU5OSU5NSVFNyVCRCVCMCVFOSU4RCVCMDE4MCVFOCU5MCVBQyVFNSU4NSU4MyUyMC0lMjAlRTYlOTYlQjAlRTglODElOUUlMjAtJTIwJUU4JUIyJUExJUU3JUI2JTkzJUU3JTlGJUE1JUU4JUFEJTk4JUU1JUJBJUFCJTIwLSUyME1vbmV5REolRTclOTAlODYlRTglQjIlQTElRTclQjYlQjIiLCJ1c2VyX3RkX3VybCI6Imh0dHBzOi8vd3d3Lm1vbmV5ZGouY29tL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHg/YT1kYjE0NGIxNS1iMDY5LTRhY2ItOTY2Ny01OGU5MTFiOGFjNjYmIiwidXNlcl90ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInVzZXJfdGRfaG9zdCI6Ind3dy5tb25leWRqLmNvbSIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE2MTY0NjI4MTAwNzgsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&alg=ltr&callback=_p6_93043528a40f
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/moneydj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 866d05babdc7032997ec92debbd92c5aec502b32b4647009837f6a4830a01852

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.13.5
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8

GET
H2 200 popin_discovery5-min.js Show response
api.popin.cc/ 159 KB
44 KB 51ms
50ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/moneydj.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B90) /
Resource Hash: 41de6ebbe9653813f28709c8ad60193f319a568c04c71198b8dd9ddd4ca125ba

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:50 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 05:08:45 GMT
server: ECS (amb/6B90)
age: 274
etag: "519666be22320db83e2d65ab657dbd85+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: XHM2TEWRND12JFV0
content-length: 44501
x-amz-version-id: mugy5YgUsdFYsiM1SV6weW.2JXi0Ar1I
x-amz-id-2: eNAs8tplK45MVjzP4R0BCBwUefIVq0dcoyrLpik46K1yBmLpF+KYxbsP75tV800WR92LLqUln0Y=

GET
H2 200 popin_send_cookie_set_fail.js Show response
api.popin.cc/test/ 13 KB
4 KB 52ms
51ms Script
application/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: 1b1538ae50fd4837b2d666c53c2001e9d17900be96afe29ad6e0959be25e7406

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:50 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 07:00:22 GMT
server: ECS (amb/6B77)
age: 584684
etag: "40ef446de8bc060bf7029f02f429d95c+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-request-id: N8JER04SGKK7J82M
content-length: 3896
x-amz-version-id: UFXK_rPkO_LVDe1kZmkgodLc5zcbKvY0
x-amz-id-2: 6sePCiRR5qB233RIB5KuqLGasT+SdHdO7UgxZptZVqs1WOtPixYhEby7FUBF1HVNBs+ojEF1wI4=

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame D89B
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

38 KB
39 KB

31ms
11ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063f986cbacca9fd13b5f9f186d871d11658509fae78bf80a6ffc50f98ad09f5

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2357
content-length: 39237
cf-request-id: 08fe4a285800004dfaf793f000000001
last-modified: Mon, 15 Mar 2021 04:23:22 GMT
server: cloudflare
etag: "604ee13a-9945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qg0j2YNj3CwNkm%2Bpkue9YvZXBVY88koJIxqp3S%2FE1cr5%2BzS74%2FXLqRZ4WJkMRzC5jMDlo6L5GP2QQEmsOFJKNFFbNGm9O3%2Bd9jdi81%2BJ9GgmfEWe%2FvGraaA5CR8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6343dfba2dd44dfa-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H/1.1 200
OK moneydj_kmdj_right_300250_1.js Show response
www.moneydj.com/funddj/Ad/network/ 462 B
699 B 260ms
260ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/Ad/network/moneydj_kmdj_right_300250_1.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA105
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 09f2e86814746e389510ec887015b95e6267a82ad90eeff9f7d58f05f220021f

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jan 2020 09:58:21 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 411

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame D89B 975 B
624 B 16ms
14ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3405
cf-polished: origSize=1191
cf-request-id: 08fe4a286d00004dfac68ce000000001
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tx4zTsvR6G3tHrO%2BTBHMTzi23gGFzBigHh0npy%2F17JtP74q5RkMTUF%2B51CNmkY%2BFF3%2FXM%2Fxj%2BLt35ThL%2BvUO%2F7YEyMRHWEDA9qwO7WYMFN7HTY6eeuWqXL2glI8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 6343dfba4dff4dfa-FRA
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame D89B 46 B
495 B 610ms
156ms XHR
text/html 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 99d354be528372d292b260e77a7b1512c3b4d982b4b6e3b029f12b655c601ac5

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.doublemax.net
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame D89B 378 B
1015 B 436ms
164ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.doublemax.net&u=https%3A%2F%2F4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com%2F&xr=1&adid=ad-BE7EB4A4966ABDAA079E466673BBE246&w=160&h=600&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.3628472571084085&ao=https%3A%2F%2Fwww.moneydj.com
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: d66b7cdd626243fb785049bc4c3861d28e53b9317863ac1d5d2eb6b0fc0849f0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
x-width: 160
x-height: 600
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://adx.doublemax.net
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-adtype: html
connection: close
access-control-allow-credentials: true
content-length: 378
x-adstyle: banner

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 874F 0
0 87ms
86ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupXibgNgxjmPbBea0WfW5PYRSaHmTv9NUPlgQFjxmWtQSp89BRQHreJWJ9SICQD7HLQF2_t-kPeWCWZb7EsZJwpLnhdxuS7bi0m2uzyyEUKE3ZARVU7fjmYhALHFohYv3IoxC4RvfoT-QLj9EEotwm1xORy1xbtCyWTVHEpT-0zFWp_68ynXi-gb2DOxHVPOULpBdI5laPfuXHjWmJSXULRR-G9DLNl9PQVOGd3UbnomphOnRgIpSSQHXBpmjbDJx1PUY6B1l9XIfNSxi3eePSI1wmFwAQpLcd4KIqn-HmpE9vkJnMKWg7VW3mxJv2hSeA3A&sai=AMfl-YQ5tpFIQShdz04b9xATsfsDqT3Qunw7Jb86m6P2-emtZw7SnFeWb8IwgcsLxVq8vZ-8KkBfDN1kb3_Cmt4r0hWrSMHNzGMIi4u5A9nwBeIkKUKJcD6A9wAGrNYXclw&sig=Cg0ArKJSzBod8S_2u6MvEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 874F 8 KB
7 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210318&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

885a374c21799d6813bf8d2b27368e738108e39de6ad14004d330d0315f4cf2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6567
x-xss-protection: 0

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Ad/network/moneydj_kmdj_right_300250_1.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49663
x-xss-protection: 0
server: cafe
etag: 2488594466385152879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 874F 17 KB
6 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H/1.1 200
OK 5 Show response
www.moneydj.com/kmdj/REST/GetData.svc/ListByHotViews/NW/ 2 KB
2 KB 261ms
261ms XHR
application/json 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/REST/GetData.svc/ListByHotViews/NW/5
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 977df4ca4b77ce828d0a72a98504e2d5031106a464a8694ddbd34bbbdb3c8e8c

Request headers

Accept: */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Mar 2021 01:26:50 GMT
Cache-Control: private
Content-Length: 1649
Content-Type: application/json; charset=utf-8

POST
H/1.1 200
OK WikiService.axd Show response
www.moneydj.com/kmdj/ 75 B
373 B 612ms
612ms XHR
application/json 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/WikiService.axd?cmd=FindWikiSubject
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 40a4a55cdeeaeb24d5022f530e18b5d13581db824dd03c95b4454b8493663335

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept
Content-Length: 81

GET
H/1.1 200
OK SubHead_c_BG.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 252 B
453 B 252ms
249ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/SubHead_c_BG.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/blocks.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 79a3403bc89fd64b8ac73a2b7da6d99ca1fde1f5fafe1cb6da5dfb8c5a0cc5f6

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/blocks.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:50 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 252
Content-Type: image/gif

GET
H/1.1 200
OK R2-TabBG.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 57 B
257 B 253ms
250ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/R2-TabBG.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 49fc04b260ac1a7702d64ed979d7173a9447a5952b942f3cbe74f363a0569c56

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:50 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 57
Content-Type: image/gif

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 17ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 17ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 84ms
80ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=77596448530770&correlator=255733123396700&output=ldjh&impl=fifs&eid=31060469%2C31060472%2C31060367%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=126805407%2Cmonekmdj_right_300250_2ydj_&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D1905dfc4667fa077-225e8c4addba00c8%3AT%3D1616462808%3AS%3DALNI_MbkIyI7mtXvaUBRmjn_8hR-4wxeCA&bc=31&abxe=1&lmt=1616462811&dt=1616462811329&dlt=1616462803574&idt=4313&frm=20&biw=1600&bih=1200&oid=3&adxs=992&adys=744&adks=1452853795&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&psts=AGkb-H8fCfbqxK71qmDzJ_j3UVEWd6-937WOeJ5weNZotxCzBNcXQerRZHvlqa9GT-Lg0FXnOQHyqacdm18%2CAGkb-H_JGMNgLiVb_2VUBNTZooH4HT8OAdAF7mUcrCedQgn16yomA5Cu3k4ifwmNTFyflQza9Pswl1La_g_E&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=false&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

4c7afbc506de51bb5152d39249dfb8adfd2f7123b04eef5083afc0698ca984b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2498
x-xss-protection: 0
google-lineitem-id: 5370076789
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138322579333
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.moneydj.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK NW Show response
www.moneydj.com/kmdj/REST/GetData.svc/ListBySimilars/RP,DT,WK/db144b15-b069-4acb-9667-58e911b8ac66/ 1005 B
1 KB 348ms
345ms XHR
application/json 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/REST/GetData.svc/ListBySimilars/RP,DT,WK/db144b15-b069-4acb-9667-58e911b8ac66/NW
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 1dd696049e5ebd6762885baf79f00cea66748561c907422cdf7bc26aa164e4bb

Request headers

Accept: */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Mar 2021 01:26:50 GMT
Cache-Control: private
Content-Length: 1005
Content-Type: application/json; charset=utf-8

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
2 KB 344ms
343ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=77596448530770&correlator=255733123396700&output=ldjh&impl=fifs&eid=31060469%2C31060472%2C31060367%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=126805407%2Cmoneydj_kmdj_300600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cookie=ID%3D1905dfc4667fa077-225e8c4addba00c8%3AT%3D1616462808%3AS%3DALNI_MbkIyI7mtXvaUBRmjn_8hR-4wxeCA&bc=31&abxe=1&lmt=1616462811&dt=1616462811361&dlt=1616462803574&idt=4313&frm=20&biw=1600&bih=1200&oid=3&adxs=992&adys=1046&adks=2130077496&ucis=4&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1402&msz=300x-1&psts=AGkb-H8fCfbqxK71qmDzJ_j3UVEWd6-937WOeJ5weNZotxCzBNcXQerRZHvlqa9GT-Lg0FXnOQHyqacdm18%2CAGkb-H_JGMNgLiVb_2VUBNTZooH4HT8OAdAF7mUcrCedQgn16yomA5Cu3k4ifwmNTFyflQza9Pswl1La_g_E&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=false&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

bd654d0906e326981b8d8d1ca2d08aad3637ece23794abb9316dae7280dd1c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2498
x-xss-protection: 0
google-lineitem-id: 5369402547
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138311482596
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.moneydj.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 514ms
513ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=77596448530770&correlator=255733123396700&output=ldjh&impl=fifs&eid=31060469%2C31060472%2C31060367%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=126805407%2Cmoneydj_kmdj_72890_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&cookie=ID%3D1905dfc4667fa077-225e8c4addba00c8%3AT%3D1616462808%3AS%3DALNI_MbkIyI7mtXvaUBRmjn_8hR-4wxeCA&bc=31&abxe=1&lmt=1616462811&dt=1616462811371&dlt=1616462803574&idt=4313&frm=20&biw=1600&bih=1200&oid=3&adxs=309&adys=1674&adks=3060855054&ucis=5&ifi=5&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&vis=1&dmc=8&scr_x=0&scr_y=0&psz=983x90&msz=983x90&psts=AGkb-H8fCfbqxK71qmDzJ_j3UVEWd6-937WOeJ5weNZotxCzBNcXQerRZHvlqa9GT-Lg0FXnOQHyqacdm18%2CAGkb-H_JGMNgLiVb_2VUBNTZooH4HT8OAdAF7mUcrCedQgn16yomA5Cu3k4ifwmNTFyflQza9Pswl1La_g_E&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=false&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

451bdfe706227fcfc5f5a6891807cf5d28031230e331f7a642ab47e50289748c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2511
x-xss-protection: 0
google-lineitem-id: 4691338759
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234952063
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.moneydj.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookie.djjs Show response
www.moneydj.com/z/js/ 2 KB
1 KB 253ms
252ms Script
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/z/js/cookie.djjs
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/z/js/djchannel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: f96ff5c085cc5430ec69c67418f7fde356974d05a8216ea1bdf6cf5974eb169b

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Mar 2021 01:24:10 GMT
DJ_Expired:
Content-Type: text/javascript
Cache-Control: private
Content-Length: 786
Expires: Tue, 23 Mar 2021 01:41:51 GMT

GET
H/1.1 200
OK top-submenuBG.jpg
www.moneydj.com/KMDJ/App_Themes/Gold/KKImages/ 553 B
755 B 384ms
250ms Image
image/jpeg 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/KMDJ/App_Themes/Gold/KKImages/top-submenuBG.jpg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/Css/jdMenu.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 0e8498b114af094c83453b48310a479f069c13ad7381e6944580a2f1da474f89

Request headers

Referer: https://www.moneydj.com/KMDJ/Css/jdMenu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:50 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 553
Content-Type: image/jpeg

GET
H/1.1 200
OK a_djlogo-s.png
www.moneydj.com/Z/images/ 9 KB
9 KB 270ms
267ms Image
image/png 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/Z/images/a_djlogo-s.png
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/z/js/djchannel_All.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 888b1cb2edcdc8d5aef1363603bbf182852d792cbdead4c2ab3eecc38bacc686

Request headers

Referer: https://www.moneydj.com/z/js/djchannel_All.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: max-age=604800
Last-Modified: Fri, 16 Sep 2011 08:12:16 GMT
Accept-Ranges: bytes
Content-Length: 9399
Content-Type: image/png

GET
H3-Q050 404 fastbutton Show response
apis.google.com/se/0/_/+1/ Frame F7F9 2 KB
1 KB 55ms
40ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c7fe2001d62d70e5f063d0647d11623cc12d9348d5c1e5b26cce348887eea38

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oC4zrrkPhowYsfx5ltfIUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=hbKzg3rPqQnfaHs92-kQnLjnxJnsFjg4voNToUQQlFYTecgEbb1fuEGlBHrZRe2k9AaiPX-WxVyjrWF9DfM-2BZO-JnvYczRkNjsgu5tBGdWNOW9jfya3Y5kifDtGkV81Qtt9pTxVCgqcGCDVU8G9D8bFi-K8Qhs9nfXsPW9vvU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 01:26:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-oC4zrrkPhowYsfx5ltfIUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 404 fastbutton Show response
apis.google.com/se/0/_/+1/ Frame F18F 2 KB
952 B 44ms
41ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a9bfe967551d09c00ee79e6717622b899f54d67c99057308bbc4f320c991f40

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6+8QhT2FtrLUYa45IaX5hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=hbKzg3rPqQnfaHs92-kQnLjnxJnsFjg4voNToUQQlFYTecgEbb1fuEGlBHrZRe2k9AaiPX-WxVyjrWF9DfM-2BZO-JnvYczRkNjsgu5tBGdWNOW9jfya3Y5kifDtGkV81Qtt9pTxVCgqcGCDVU8G9D8bFi-K8Qhs9nfXsPW9vvU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 01:26:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-6+8QhT2FtrLUYa45IaX5hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK top-memu-o.jpg
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 1 KB
1 KB 357ms
254ms Image
image/jpeg 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/top-memu-o.jpg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: c2502aaf14c8613f3710775541bc71b11a82a334fba5392b5361e3b2341bf8b3

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 1104
Content-Type: image/jpeg

POST
H/1.1 200
OK vc Show response
www.moneydj.com/InfoSvc/apis/ 82 B
214 B 354ms
259ms XHR
application/json 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/InfoSvc/apis/vc
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 076472ea8067fa993c2490404e69e789752236802b85f710541883bce737aeab

Request headers

Accept: */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: private
Content-Length: 82
Content-Type: application/json

GET
H/1.1 200
OK UserLogin.axd Show response
www.moneydj.com/kmdj/ 73 B
220 B 423ms
254ms XHR
application/json 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/UserLogin.axd?a=1616462811463
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: a8c8db0a0ade631142fb7f804bbdde1c08e541ac9eec90c981e1c324c323cc17

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: private
Content-Length: 73
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK getTextAD.aspx Show response
www.moneydj.com/ads/ 59 B
346 B 479ms
256ms XHR
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA434&adstype=json
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: b75789d6c7d14d9c6373ebe3c8327f6752852e67b20cafde2ec233364a2c4675

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 153
Vary: Accept-Encoding
Content-Type: text/javascript; charset=big5

POST
H/1.1 200
OK ListByKeyIDList Show response
www.moneydj.com/kmdj/REST/GetData.svc/NW/ 850 B
998 B 595ms
261ms XHR
application/json 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/kmdj/REST/GetData.svc/NW/ListByKeyIDList
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: b170decb3a6efd8bffdddabafd49423d113065921ef7e4e9ea6072ecac4b6db0

Request headers

Accept: */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: private
Content-Length: 850
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK PushIcon-facebook.png
www.moneydj.com/kmdj/Images/ 177 B
378 B 544ms
255ms Image
image/png 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/Images/PushIcon-facebook.png
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: dc1076e79e582da826b2ee013367f7cc8d9b2fcd9c54142952bb5810266bef63

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 177
Content-Type: image/png

GET
H/1.1 200
OK PushIcon-Plurk.png
www.moneydj.com/kmdj/Images/ 159 B
360 B 641ms
255ms Image
image/png 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/Images/PushIcon-Plurk.png
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 37ed55c7f527462034f604fd9e09aa48d3284f5042c97cba1712f6afd086cb7d

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 159
Content-Type: image/png

GET
H/1.1 200
OK PushIcon-Twitter.png
www.moneydj.com/kmdj/Images/ 503 B
704 B 554ms
255ms Image
image/png 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/Images/PushIcon-Twitter.png
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: ee6c0bdc558915efed566a44df847b8078928141d6c6d68fb272637f12177bff

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 503
Content-Type: image/png

GET
H/1.1 200
OK 22_Calendar.gif
www.moneydj.com/kmdj/Images/ 1 KB
1 KB 612ms
254ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/Images/22_Calendar.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 92c0f743e3d9afb784030430b40599fbf3ed8a6c1520a6ec69f08ea178912f7f

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 1152
Content-Type: image/gif

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame CB6A 44 KB
15 KB 85ms
85ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24139bd905fb04%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/all.js?hash=f43c45a95f40b41f987137a76a1d6993&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3e9d2369ca510e580bfc0a4fbc80c65cb11f0b192e1361a0b16f2760006d459

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24139bd905fb04%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0we8f6UnsBf5BgUQw..BgWUPY...1.0.BgWUPY.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: U8LAiMTI9xlrc8Cj8XDnaJ+00bFRR22sfUyEV6ewBjWMD6CS2Y5oSB0IMATAKHH672Nih8f7sYDO2ObodWmROw==
date: Tue, 23 Mar 2021 01:26:51 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame BDFD 44 KB
15 KB 80ms
79ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80e2dd1f2b73c%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/all.js?hash=f43c45a95f40b41f987137a76a1d6993&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

804769fbfb50dace86f322216f4534effc8ca9edc3009110e240e483a779b7a5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80e2dd1f2b73c%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0we8f6UnsBf5BgUQw..BgWUPY...1.0.BgWUPY.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: onjB1yUikCPi9P7WCFPKKWP9HWzrdaKfi0Ty9aPUUOi7kcoqvdHO4fuC7k/0DrP2m87zavVw7GIIhdVDvZH4nw==
date: Tue, 23 Mar 2021 01:26:51 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B2A 0
0 88ms
87ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhyot0z2bcCJqKPLMGIasuED11BqGnmNbHLbxU37Lp2TxFcoMBbEzQXkjh4RcCAnfZVvPk6rdBPuwQ0VOXzueMcUw7ZnifUxi8ZLHrHCB6i1XlV35vl-MOVWb1G9q2H7ors7QZShh2p41Ccw-0oXSQW6x4CFJm92_Lm_6eZqW4bnWl48E7hiymD4Hng_YXS4GF8lxY1EDN34VI7DvcH1X45SbyYdU27YNn7HuwMNxL0-bXkoPjPt2-SAaFwe1SBpwm2W1KvY7cvCdJFcDBafY8BBO1_zvj0ocAfoksD5vQjuT3HM-K5-aC889dW0eUGH5Z&sig=Cg0ArKJSzLTR8YT7PHikEAE&urlfix=1&adurl=

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7B2A 95 KB
34 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a2de800c8ce8bc4c36952d1c806996a5093d6426003d8e9c6e9b05248eecaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34665
x-xss-protection: 0
server: cafe
etag: 7667117511100578818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B2A 117 KB
36 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H/1.1 200
OK QKAD.js Show response
www.moneydj.com/funddj/ad/QK/js/ 2 KB
1 KB 266ms
265ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/ad/QK/js/QKAD.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 3e2d8bd268c51f92869bef967e15d31044c9831dd02d0274b864fb79ab00effc

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jan 2021 06:59:54 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1228

GET
H/1.1 200
OK Tab-a4-NotSelected.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 590 B
791 B 589ms
251ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/Tab-a4-NotSelected.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 678ce45478f188e2c37f414d0b1d92946f4aca2ac58666dd051edf06f2808fb4

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 590
Content-Type: image/gif

GET
H/1.1 200
OK Tab-a4-Select.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 1 KB
2 KB 718ms
252ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/Tab-a4-Select.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: cf45de7001e972de07f1467c916648af3011c3f8fef529995136b311d3e07ccc

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges: bytes
Content-Length: 1512
Content-Type: image/gif

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D701 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10977
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ 226 KB
85 KB 35ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ Frame 7B2A 226 KB
85 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H3-Q050 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame F7F9 3 KB
3 KB 16ms
14ms Image
image/png 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H3-Q050 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame F18F 3 KB
3 KB 16ms
14ms Image
image/png 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
DATA 200
OK truncated
/ Frame 7B2A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12461085080328de26fc0cdf598d16e1bd5ee9c6e16b7fe6b88d24a0876f25c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame C151 6 KB
2 KB 114ms
34ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 47cca155305638f12c5e191dc08aeb4253b62263fab7f3ac49bdc3002dc661e0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 Mar 2021 01:26:51 GMT
via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
x-77-nzt-ray: pMQB/YiLg7w=
age: 31
x-77-cache: HIT
x-cache: HIT
x-age: 418
content-encoding: br
x-77-nzt: AcO1ryx7cnXvogEAAA==
last-modified: Tue, 16 Mar 2021 09:35:51 GMT
server: CDN77-Turbo
etag: W/"fcc536473734c006770cfb309e523fb4"
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: udRT0Qc7bZ7Oopcb4lQ7r6JXnqis1-7nDrH-ejeclJ-S4Sd9V7m-jw==
expires: Tue, 23 Mar 2021 01:29:53 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD4E 0
0 82ms
81ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5mW7wXThQm3IEU9Yn8fW40OIndtooohkjU2OMOdV5ksvZ02JwqSbe4iw37dFQKERd14LF2dKMQUDdY40eCK_VFycL00L8fL1vcoKZmmBAD9pGzS_fZBH82ynDllb_3U3Ofl30pviJKbgP8dCHJdgKzMc-XWa5uAEpqwsqiDHZhVrvSRYPMkaIQRb_uSu0-NWBN7UILCDTUta_30U8wv4kq_moSelyty9hjsNXgLzSbEZpRaJysV_FRdWBPu4ZofosQAnCYsVut0zOEoLMxVA0jPTJoF41l_rIYG4rHrK0ZPuyD-v1uetaVis&sig=Cg0ArKJSzMtZVGAs7ODnEAE&urlfix=1&adurl=

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame AD4E 95 KB
34 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a2de800c8ce8bc4c36952d1c806996a5093d6426003d8e9c6e9b05248eecaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34665
x-xss-protection: 0
server: cafe
etag: 7667117511100578818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD4E 117 KB
36 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame CB6A 400 B
616 B 9ms
7ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24139bd905fb04%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24139bd905fb04%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: sc8nAOzYUe6pKjz6MkoJcgXisEu8EVzYAxQtGVFxDiHL53V7KtnD14oJnAPCk6WboYrVFI/COJIKxBGGdEwawA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 16 Mar 2021 19:44:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 16 Mar 2022 19:44:31 GMT

GET
H2 200 xkpBcCEj_ql.js Show response
www.facebook.com/rsrc.php/v3iUNC4/yr/l/zh_TW/ Frame CB6A 479 KB
124 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iUNC4/yr/l/zh_TW/xkpBcCEj_ql.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fbf1f595af3f8a68f3797cebeae7bc66dc1b20da23a1f7ba04d80a07b7dc071

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24139bd905fb04%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h8DxR9O1MzfkhHf+DTmeug==
cross-origin-resource-policy: cross-origin
content-length: 126476
x-fb-rlafr: 0
x-fb-debug: bhVg4gSIBsTW64n6NpX+6T8xqrnkq4pvyCTD9Brh0SU3PQRyKJkFBGDpxf2Nv2HdC9Q+VkfgqRg4qirDS3oIAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Mar 2022 00:18:29 GMT

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame BDFD 400 B
548 B 12ms
12ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80e2dd1f2b73c%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80e2dd1f2b73c%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: sc8nAOzYUe6pKjz6MkoJcgXisEu8EVzYAxQtGVFxDiHL53V7KtnD14oJnAPCk6WboYrVFI/COJIKxBGGdEwawA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 16 Mar 2021 19:44:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 16 Mar 2022 19:44:31 GMT

GET
H2 200 xkpBcCEj_ql.js Show response
www.facebook.com/rsrc.php/v3iUNC4/yr/l/zh_TW/ Frame BDFD 479 KB
124 KB 12ms
4ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iUNC4/yr/l/zh_TW/xkpBcCEj_ql.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80e2dd1f2b73c%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fbf1f595af3f8a68f3797cebeae7bc66dc1b20da23a1f7ba04d80a07b7dc071

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80e2dd1f2b73c%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h8DxR9O1MzfkhHf+DTmeug==
cross-origin-resource-policy: cross-origin
content-length: 126476
x-fb-rlafr: 0
x-fb-debug: bhVg4gSIBsTW64n6NpX+6T8xqrnkq4pvyCTD9Brh0SU3PQRyKJkFBGDpxf2Nv2HdC9Q+VkfgqRg4qirDS3oIAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Mar 2022 00:18:29 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
642 B 167ms
57ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.moneydj.com&callback=_gfp_s_&client=ca-pub-7492323758213965&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

dd8c996b797bfc657ffc8c52cc01c8f1a6b20a7867a157203e55fe2cc2587ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
123 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E98 69 KB
23 KB 522ms
521ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1616462811&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&flash=0&wgl=1&dt=1616462811638&bpp=12&bdt=8063&idt=230&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=20&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44738185%2C44739387&oid=3&pvsid=77596448530770&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=alKM76QYJy&p=https%3A//www.moneydj.com&dtd=260

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43692c5a3e7607f39ac1b09181612cdc6cdcb2081a4ddce99bfc524cc12b3036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1616462811&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&flash=0&wgl=1&dt=1616462811638&bpp=12&bdt=8063&idt=230&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=20&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44738185%2C44739387&oid=3&pvsid=77596448530770&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=alKM76QYJy&p=https%3A//www.moneydj.com&dtd=260
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlElRWCqo3Xvn-FDxDisTisAePfCAK6ycpxWyn17nWtDqs_j57sV-p1FH0vK6I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 01:26:52 GMT
server: cafe
content-length: 23588
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 7EEF 807 B
610 B 17ms
16ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-type: text/html
set-cookie: __cfduid=d99c43cf9275ca047472050bfe134c55a1616462811; expires=Thu, 22-Apr-21 01:26:51 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 3253
cf-request-id: 08fe4a2b3800004dfaf23aa000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3PedowqzcL4p7pN23YiCUquNFB8ke9lTn2SPNfI2gwdvmlmpS2eXXS13Y7aOFk1NgEIzVcRinzaysVvBoK2%2Fvjjuf9fxTmD02NV80EVb8yqvyHMuBeRfQKiTZ5M%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6343dfbeba054dfa-FRA
content-encoding: br

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame D89B 35 B
266 B 456ms
156ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:52 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK Icon16_Login.gif
www.moneydj.com/kmdj/images/ 617 B
818 B 377ms
261ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/images/Icon16_Login.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 76159081594b856452bd30f7a7611819904ae6b4071699100f42826c7fa34979

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 617
Content-Type: image/gif

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1FA6 0
0 96ms
89ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNBAJv1mWMWQPfld-o8jXUCsqXisCzCZ_cEtb9bYNCl4gCss0hESopl8eiFuwCDHtps86QAM1pel2mlQCAJYeDvzAZuCLOAJ0Y6ikif-JQGHNq9UpU9CYK6wKUIbRZ2fy7sEkmUkfb9N4mI6nYza5YZJNDHWkSapqmg6cI8A8qqQjgu3u5Uil-46BcU_2OYAboduY2GUNuyG0HgW_Ug-NTsY77EI-Th0d4wYdfh6ULPB0G46fZr9mHbWBSyoqOUiOvzSvzJScfhcySuSOLbD6ovMt43YMLPdZ_JJXM2MzdW2wWpdCvrCwciw&sig=Cg0ArKJSzOuBRKNQkCZcEAE&urlfix=1&adurl=

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1FA6 138 KB
49 KB 39ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49663
x-xss-protection: 0
server: cafe
etag: 2488594466385152879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FA6 117 KB
36 KB 48ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:52 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 873F 54 B
81 B 51ms
50ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&adk=1812271804&adf=3025194257&lmt=1616462812&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&pra=7&wgl=1&dt=1616462811650&bpp=2&bdt=8075&idt=345&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&prev_fmts=300x250&nras=1&correlator=8746931251737&frm=20&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44738185%2C44739387&oid=3&pvsid=77596448530770&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&dtd=368

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7492323758213965&output=html&adk=1812271804&adf=3025194257&lmt=1616462812&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&pra=7&wgl=1&dt=1616462811650&bpp=2&bdt=8075&idt=345&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&prev_fmts=300x250&nras=1&correlator=8746931251737&frm=20&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44738185%2C44739387&oid=3&pvsid=77596448530770&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&dtd=368
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlElRWCqo3Xvn-FDxDisTisAePfCAK6ycpxWyn17nWtDqs_j57sV-p1FH0vK6I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 01:26:52 GMT
server: cafe
content-length: 34
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
515 B 540ms
138ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1616462812093&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEwLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiIsImxvZ2lkIjoiYmU4ZDZjZGEtYzg3Yy00Yzk0LWI0NTMtNzcyNjI2ZDJmNzMzIiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z%2BO6YqA6YGV5Y%2BN5L%2Bd6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi5pyA5paw6aCt5qKd5paw6IGeIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Tue, 23 Mar 2021 01:26:52 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
303 B 1193ms
293ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEwLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiIsImxvZ2lkIjoiYmU4ZDZjZGEtYzg3Yy00Yzk0LWI0NTMtNzcyNjI2ZDJmNzMzIiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1616462812098
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 1209ms
300ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&uid=fc91dfae22106e881a21616459210076&type=pc_pv&nid=pc&media=www.moneydj.com&r5=ca_%E6%9C%80%E6%96%B0%E9%A0%AD%E6%A2%9D%E6%96%B0%E8%81%9E&t=1616462812098&tz=tw
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Tue, 10 Sep 2019 08:00:09 GMT
Server: nginx
ETag: "5d775809-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 1233ms
303ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiIsImxvZ2lkIjoiYmU4ZDZjZGEtYzg3Yy00Yzk0LWI0NTMtNzcyNjI2ZDJmNzMzIiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1616462812099
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
101 B 929ms
306ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjE5NC45OS4xMDUuOTkiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImRpc2hfY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJrZXkiOiJrZXkxNjE2NDYyODEwMDc4Iiwibm93IjoxNjE2NDYyODEyMDk5LCJjbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ1cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsImRpc2hfY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJkaXNoX2RvbWFpbiI6Ind3dy5tb25leWRqLmNvbSIsInZfZGlzaF9sYWJlbHMiOiLngavngb3kv53pmqos5Li7566h5qmf6ZecLOmHkeeuoeacgyznr4fmlofnq6As6KeA5ris56uZLOebuOmXnCzmjqrmlr0s5qWt5YuZLOaDheW9oizmlLnlloQs6L6m55CGLOWFrOWRiizkuovlr6Ys5bCN5YWsLOaWh+eroCznh5/pgYss55yL6YGOLOiZleWIhizkuIvliJcs6aCQ6KiILOiqquaYjizos4foqIos6YGV6KaPLOS6iOS7pSzmjqHlj5Ys6KOc5q2jLOWKoOW8tyzoqIrmga8s55m854++LOS9j+WuhSzlvbHpn78s5qqi5p+lLOiIiOi2oyznmbznlJ8s6KaP5a6aLOS6i+mghSzlhazlj7gs57ay5Y+LLOmHkemhjSIsInZfZGlzaF90bGFiZWxzIjoi5L+d6Zqq5rOVLOS6rOWfjizomZXnvbAs6YGV5Y+NIiwibG9naWQiOiJiZThkNmNkYS1jODdjLTRjOTQtYjQ1My03NzI2MjZkMmY3MzMiLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZG9tYWluIjoid3d3Lm1vbmV5ZGouY29tIiwicG9waW5fdmVyc2lvbiI6Nn0=
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:52 GMT
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 1232ms
303ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&uid=&type=pc_channel_pv&nid=pc&media=www.moneydj.com&r5=ca_%E6%9C%80%E6%96%B0%E9%A0%AD%E6%A2%9D%E6%96%B0%E8%81%9E|ch_pc&t=1616462812104&tz=tw
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Tue, 10 Sep 2019 07:46:01 GMT
Server: nginx
ETag: "5d7754b9-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 1302ms
328ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJwYyIsImV4cGVjdGVkX2FkIjo0LCJyZW5kZXJlZF9hZCI6NCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJ3d3cubW9uZXlkai5jb20iLCJ1cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwibG9naWQiOiJiZThkNmNkYS1jODdjLTRjOTQtYjQ1My03NzI2MjZkMmY3MzMiLCJ1aWQiOiJmYzkxZGZhZTIyMTA2ZTg4MWEyMTYxNjQ1OTIxMDA3NiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLkuqzln47pioDpgZXlj43kv53pmqrms5XvvIzpga3omZXnvbDpjbAxODDokKzlhYMiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2JiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9wYXRoIjoiL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZjY1YmI1MzMtZTA4Ni00YjU1LWEwNjQtYTkxMzU5MmVhNzNiIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuacgOaWsOmgreaineaWsOiBniIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1616462812104
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK log.gif
r.popin.cc/ 35 B
264 B 1233ms
304ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=fc91dfae22106e881a21616459210076&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&t=1616462812105
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Tue, 10 Sep 2019 07:46:01 GMT
Server: nginx
ETag: "5d7754b9-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H2 200 logo.png
api.popin.cc/images/ 2 KB
2 KB 55ms
54ms Image
image/png 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
last-modified: Tue, 02 Apr 2019 12:00:56 GMT
server: ECS (amb/6B9D)
age: 519129
etag: "b10c5c3579ba2dba39fd2804188dc3f1"
x-cache: HIT
content-type: image/png
x-amz-request-id: 2FQCDD4278ARFHWV
x-amz-version-id: null
accept-ranges: bytes
content-length: 2316
x-amz-id-2: T67ttYJdwpcZINFdwJIiL7orqgx8bdb1NfKJE+oPgbDVhbx+w/iOK7Mtvo4fKBX6q4qgDaoUMvc=

POST
H/1.1 200
OK FundDataSvc.axd Show response
www.moneydj.com/InfoSvc/ 2 B
310 B 269ms
268ms XHR
text/html 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/InfoSvc/FundDataSvc.axd?a=FindFundBySubject
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Mar 2021 01:26:51 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 122
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ Frame AD4E 226 KB
85 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:52 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7B2A 201 B
616 B 128ms
75ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.moneydj.com&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0e2d9f743a90363bd9f75fcbe6ebebc01a62fcee838251cadb23e60b9f66b524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7B2A 107 B
146 B 17ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7B2A 107 B
146 B 17ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9FC8 88 KB
32 KB 384ms
383ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=7595289909%2F10623&adk=994438583&adf=816031646&pi=t.ma~as.7595289909%2F10623&w=300&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462811677&bpp=6&bdt=97&idt=523&shv=r20210318&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=23&ife=4&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462812&ga_hid=247836539&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=924&biw=1600&bih=1200&isw=300&ish=250&ifk=1566393387&scr_x=0&scr_y=0&eid=44737564%2C44737458%2C44739387&oid=3&pvsid=1387260170119057&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8zd4kv61zvd9&fsb=1&dtd=546

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3f48be6d3c929af9966829354505a4f6cc12c19b7fa31b55f18107088b2aaef

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNjI3Z2hxe8CFZjyuwgdD3AN0A&gqi=3ENZYOe9DpHQgQevqbqABA&layout=/sadbundle/%24csp%253Der3%24/4289431202364580801/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=7595289909%2F10623&adk=994438583&adf=816031646&pi=t.ma~as.7595289909%2F10623&w=300&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462811677&bpp=6&bdt=97&idt=523&shv=r20210318&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=23&ife=4&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462812&ga_hid=247836539&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=924&biw=1600&bih=1200&isw=300&ish=250&ifk=1566393387&scr_x=0&scr_y=0&eid=44737564%2C44737458%2C44739387&oid=3&pvsid=1387260170119057&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8zd4kv61zvd9&fsb=1&dtd=546
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlElRWCqo3Xvn-FDxDisTisAePfCAK6ycpxWyn17nWtDqs_j57sV-p1FH0vK6I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNjI3Z2hxe8CFZjyuwgdD3AN0A&gqi=3ENZYOe9DpHQgQevqbqABA&layout=/sadbundle/%24csp%253Der3%24/4289431202364580801/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 01:26:52 GMT
server: cafe
content-length: 32568
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B2A 73 KB
28 KB 47ms
43ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:52 GMT

GET
DATA 200
OK truncated
/ Frame AD4E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82e5ebc351f6276bbccffab66acdbd6f412d4d151b4efe2141235e78c1d28137

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK b4faceac084d9d3223809224bd34b204_160.jpg
imageaws.popin.cc/article/ 23 KB
23 KB 1391ms
474ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/b4faceac084d9d3223809224bd34b204_160.jpg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 382e1a876661922e69d8951e38e35ea73b315da22e0bea963af49f4ec39de9e0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Thu, 18 Mar 2021 01:34:26 GMT
Server: nginx
ETag: "9343c45368a15e172c11134f69ef1322"
X-Cache-Status: HIT from 10.252.44.28
x-amz-version-id: 2o3C99pHSDRx9J1M.rr630RvdLi_fs5J
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 23210
Expires: Wed, 23 Mar 2022 01:26:53 GMT

GET
H/1.1 200
OK d419ca341c436165253a6566613366e0_160.jpg
imageaws.popin.cc/article/ 14 KB
14 KB 1474ms
565ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/d419ca341c436165253a6566613366e0_160.jpg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 4e9a675dee82711233e9dd72e7295c7ac479322aed1d8463c2b1108247eed6f3

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Tue, 10 Sep 2019 04:34:31 GMT
Server: nginx
ETag: "c87cdce489ca1c88eb2e089c2d106633"
X-Cache-Status: HIT from 10.252.43.27
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14200
Expires: Wed, 23 Mar 2022 01:26:53 GMT

GET
H/1.1 200
OK 7f7442b580e08f6039f94193ef42243c.jpeg
imageaws.popin.cc/discovery/ 26 KB
26 KB 1382ms
474ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/discovery/7f7442b580e08f6039f94193ef42243c.jpeg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: caf206e622ee52d8593e9086cceb2d7c47d6b6a836f43330d88441bf18abd9c5

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Mon, 15 Mar 2021 09:59:42 GMT
Server: nginx
ETag: "e5492c4b1b7f990dc0a4e9d02e5b2a12"
X-Cache-Status: HIT from 10.252.43.26
x-amz-version-id: J6POJTArjCL2VvwjLIX6Fzd4u_GR1XoR
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 26515
Expires: Wed, 23 Mar 2022 01:26:53 GMT

GET
H/1.1 200
OK 06b76debeccc693993dc250a15e9bb30_160.jpg
imageaws.popin.cc/article/ 12 KB
13 KB 1265ms
307ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/06b76debeccc693993dc250a15e9bb30_160.jpg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 29a62763b48df560d4b33c050fda21af12b028e2862fd3343a66518742e4fe18

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Mon, 28 Dec 2020 04:21:58 GMT
Server: nginx
ETag: "45a241612fb369b026c56be093e715cb"
X-Cache-Status: HIT from 10.252.43.28
x-amz-version-id: vL2qNnrCt_ERhnFvi0I4Fu02Of5MYs0s
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 12771
Expires: Wed, 23 Mar 2022 01:26:53 GMT

GET
H/1.1 200
OK 9b98e227cfeba47ae70504ff2aad58cf_160.jpg
imageaws.popin.cc/article/ 51 KB
51 KB 1529ms
608ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/article/9b98e227cfeba47ae70504ff2aad58cf_160.jpg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8ca234757c842f50ca3a153e5ff4b8a525c7ef84584898f66d8cddb14efd2df9

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Wed, 15 Jul 2020 05:42:06 GMT
Server: nginx
ETag: "0b78ff0df35c04f85e1cbdb7ed034542"
X-Cache-Status: HIT from 10.252.43.28
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51953
Expires: Wed, 23 Mar 2022 01:26:53 GMT

GET
H/1.1 200
OK 427fae6af8ccb183f76ee77bd096eb85.jpeg
imageaws.popin.cc/discovery/ 27 KB
27 KB 1515ms
588ms Image
image/jpeg 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/discovery/427fae6af8ccb183f76ee77bd096eb85.jpeg
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: d5a613351fa46e6d77037554392d719b982cec3fef3598b7f890561ad4bbea8d

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Thu, 22 Oct 2020 19:03:53 GMT
Server: nginx
ETag: "02757653922ccfba26d246a7fb223c87"
X-Cache-Status: HIT from 10.252.43.28
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27547
Expires: Wed, 23 Mar 2022 01:26:53 GMT

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 563ms
299ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6Imh0dHBzOi8vdHJhZmZpYy5wb3Bpbi5jYy9yZWRpcmVjdC9kaXNjb3Zlcnk/dXJsPWh0dHBzJTNBJTJGJTJGd3d3Lm1vbmV5ZGouY29tJTJGa21kaiUyRm5ld3MlMkZuZXdzdmlld2VyLmFzcHglM0ZhJTNEYTdiNzNlNjUtNTViYS00NmYzLTkzODItNDBhYzI3YTM2Nzc1IiwidHlwZSI6MSwicmVjb21tZW5kX3R5cGUiOiJob3QiLCJyZWNvbW1lbmRfcG9zaXRpb24iOjEsImNoYW5uZWxfaWQiOiJwYyIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiIsImxvZ2lkIjoiYmU4ZDZjZGEtYzg3Yy00Yzk0LWI0NTMtNzcyNjI2ZDJmNzMzIiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1616462812284
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK discovery
inrecsys.popin.cc/PopinService/Logs/ 0
101 B 308ms
307ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/discovery?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjE5NC45OS4xMDUuOTkiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImRpc2hfY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJrZXkiOiJrZXkxNjE2NDYyODEwMDc4Iiwibm93IjoxNjE2NDYyODEyMjg0LCJjbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ1cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsImRpc2hfY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJkaXNoX2RvbWFpbiI6Ind3dy5tb25leWRqLmNvbSIsInZfZGlzaF9sYWJlbHMiOiLngavngb3kv53pmqos5Li7566h5qmf6ZecLOmHkeeuoeacgyznr4fmlofnq6As6KeA5ris56uZLOebuOmXnCzmjqrmlr0s5qWt5YuZLOaDheW9oizmlLnlloQs6L6m55CGLOWFrOWRiizkuovlr6Ys5bCN5YWsLOaWh+eroCznh5/pgYss55yL6YGOLOiZleWIhizkuIvliJcs6aCQ6KiILOiqquaYjizos4foqIos6YGV6KaPLOS6iOS7pSzmjqHlj5Ys6KOc5q2jLOWKoOW8tyzoqIrmga8s55m854++LOS9j+WuhSzlvbHpn78s5qqi5p+lLOiIiOi2oyznmbznlJ8s6KaP5a6aLOS6i+mghSzlhazlj7gs57ay5Y+LLOmHkemhjSIsInZfZGlzaF90bGFiZWxzIjoi5L+d6Zqq5rOVLOS6rOWfjizomZXnvbAs6YGV5Y+NIiwibG9naWQiOiJiZThkNmNkYS1jODdjLTRjOTQtYjQ1My03NzI2MjZkMmY3MzMiLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwidHlwZSI6ImltcCIsImRpc2hfdGRfdGl0bGUiOiLkuqzln47pioDpgZXlj43kv53pmqrms5XvvIzpga3omZXnvbDpjbAxODDokKzlhYMiLCJkaXNoX3B1YmRhdGUiOiIyMDIxMDMyMjAwMDAwMDAwMDAiLCJkaXNoX3RkX3VybCI6Imh0dHBzJTNBJTJGJTJGd3d3Lm1vbmV5ZGouY29tJTJGa21kaiUyRm5ld3MlMkZuZXdzdmlld2VyLmFzcHglM0ZhJTNEZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwiZnJ1aXRfY29tbW9uX2NhdGVnb3J5IjoiZWNvbm9teSIsImZydWl0X2RvbWFpbiI6Ind3dy5tb25leWRqLmNvbSIsImZydWl0X3RkX3RpdGxlIjoi6Zuj5oCq5q6W5Yip546H6aOG77yf5aSW6LOH77yaRmVk5rG65b+D57WC5q2iU0xS44CB5bey5oKE5oKE6Yuq6LevIiwiZnJ1aXRfdGl0bGUiOiLpm6PmgKrmrpbliKnnjofpo4bvvJ/lpJbos4fvvJpGZWTmsbrlv4PntYLmraJTTFLjgIHlt7LmgoTmgoTpi6rot68iLCJmcnVpdF9wdWJkYXRlIjoiMjAyMTAzMTkwMDAwMDAwMDAwIiwiZnJ1aXRfY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJmcnVpdF90ZF91cmwiOiJodHRwczovL3RyYWZmaWMucG9waW4uY2MvcmVkaXJlY3QvZGlzY292ZXJ5P3VybD1odHRwcyUzQSUyRiUyRnd3dy5tb25leWRqLmNvbSUyRmttZGolMkZuZXdzJTJGbmV3c3ZpZXdlci5hc3B4JTNGYSUzRGE3YjczZTY1LTU1YmEtNDZmMy05MzgyLTQwYWMyN2EzNjc3NSIsImZydWl0X2ltYWdlIjoiaHR0cHM6Ly9pbWFnZWF3cy5wb3Bpbi5jYy9hcnRpY2xlL2I0ZmFjZWFjMDg0ZDlkMzIyMzgwOTIyNGJkMzRiMjA0XzE2MC5qcGciLCJpbWFnZV9oYXNoIjoiYjRmYWNlYWMwODRkOWQzMjIzODA5MjI0YmQzNGIyMDQuanBnIiwiZnJ1aXRfcmVjb21tZW5kX3R5cGUiOiJob3QiLCJmcnVpdF9yZWNvbW1lbmRfcG9zaXRpb24iOjEsInBvcGluX3ZlcnNpb24iOjZ9
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 329ms
303ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6Imh0dHBzOi8vdHJhZmZpYy5wb3Bpbi5jYy9yZWRpcmVjdC9kaXNjb3Zlcnk/dXJsPWh0dHBzJTNBJTJGJTJGd3d3Lm1vbmV5ZGouY29tJTJGa21kaiUyRm5ld3MlMkZuZXdzdmlld2VyLmFzcHglM0ZhJTNEM2JmNGVhZTQtNThjOC00MTIyLTk2ZjEtMjVmNDBjNTY1MmNhIiwidHlwZSI6MSwicmVjb21tZW5kX3R5cGUiOiJob3QiLCJyZWNvbW1lbmRfcG9zaXRpb24iOjIsImNoYW5uZWxfaWQiOiJwYyIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiIsImxvZ2lkIjoiYmU4ZDZjZGEtYzg3Yy00Yzk0LWI0NTMtNzcyNjI2ZDJmNzMzIiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1616462812284
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK discovery
inrecsys.popin.cc/PopinService/Logs/ 0
101 B 570ms
304ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/discovery?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjE5NC45OS4xMDUuOTkiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImRpc2hfY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJrZXkiOiJrZXkxNjE2NDYyODEwMDc4Iiwibm93IjoxNjE2NDYyODEyMjg0LCJjbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ1cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsImRpc2hfY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJkaXNoX2RvbWFpbiI6Ind3dy5tb25leWRqLmNvbSIsInZfZGlzaF9sYWJlbHMiOiLngavngb3kv53pmqos5Li7566h5qmf6ZecLOmHkeeuoeacgyznr4fmlofnq6As6KeA5ris56uZLOebuOmXnCzmjqrmlr0s5qWt5YuZLOaDheW9oizmlLnlloQs6L6m55CGLOWFrOWRiizkuovlr6Ys5bCN5YWsLOaWh+eroCznh5/pgYss55yL6YGOLOiZleWIhizkuIvliJcs6aCQ6KiILOiqquaYjizos4foqIos6YGV6KaPLOS6iOS7pSzmjqHlj5Ys6KOc5q2jLOWKoOW8tyzoqIrmga8s55m854++LOS9j+WuhSzlvbHpn78s5qqi5p+lLOiIiOi2oyznmbznlJ8s6KaP5a6aLOS6i+mghSzlhazlj7gs57ay5Y+LLOmHkemhjSIsInZfZGlzaF90bGFiZWxzIjoi5L+d6Zqq5rOVLOS6rOWfjizomZXnvbAs6YGV5Y+NIiwibG9naWQiOiJiZThkNmNkYS1jODdjLTRjOTQtYjQ1My03NzI2MjZkMmY3MzMiLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwidHlwZSI6ImltcCIsImRpc2hfdGRfdGl0bGUiOiLkuqzln47pioDpgZXlj43kv53pmqrms5XvvIzpga3omZXnvbDpjbAxODDokKzlhYMiLCJkaXNoX3B1YmRhdGUiOiIyMDIxMDMyMjAwMDAwMDAwMDAiLCJkaXNoX3RkX3VybCI6Imh0dHBzJTNBJTJGJTJGd3d3Lm1vbmV5ZGouY29tJTJGa21kaiUyRm5ld3MlMkZuZXdzdmlld2VyLmFzcHglM0ZhJTNEZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwiZnJ1aXRfY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJmcnVpdF9kb21haW4iOiJ3d3cubW9uZXlkai5jb20iLCJmcnVpdF90ZF90aXRsZSI6Iumfk+W7oOW/g+aFjO+8geWCs+S4ieaYn+aZuuaFp+apn+mmluasoem7numgrSDlsIfnlKjkuqzmnbHmlrlPTEVEIiwiZnJ1aXRfdGl0bGUiOiLpn5Plu6Dlv4PmhYzvvIHlgrPkuInmmJ/mmbrmhafmqZ/pppbmrKHpu57poK0g5bCH55So5Lqs5p2x5pa5T0xFRCIsImZydWl0X3B1YmRhdGUiOiIyMDIxMDMyMjAwMDAwMDAwMDAiLCJmcnVpdF9jYXRlZ29yeSI6IuacgOaWsOmgreaineaWsOiBniIsImZydWl0X3RkX3VybCI6Imh0dHBzOi8vdHJhZmZpYy5wb3Bpbi5jYy9yZWRpcmVjdC9kaXNjb3Zlcnk/dXJsPWh0dHBzJTNBJTJGJTJGd3d3Lm1vbmV5ZGouY29tJTJGa21kaiUyRm5ld3MlMkZuZXdzdmlld2VyLmFzcHglM0ZhJTNEM2JmNGVhZTQtNThjOC00MTIyLTk2ZjEtMjVmNDBjNTY1MmNhIiwiZnJ1aXRfaW1hZ2UiOiJodHRwczovL2ltYWdlYXdzLnBvcGluLmNjL2FydGljbGUvZDQxOWNhMzQxYzQzNjE2NTI1M2E2NTY2NjEzMzY2ZTBfMTYwLmpwZyIsImltYWdlX2hhc2giOiJkNDE5Y2EzNDFjNDM2MTY1MjUzYTY1NjY2MTMzNjZlMC5qcGciLCJmcnVpdF9yZWNvbW1lbmRfdHlwZSI6ImhvdCIsImZydWl0X3JlY29tbWVuZF9wb3NpdGlvbiI6MiwicG9waW5fdmVyc2lvbiI6Nn0=
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 306ms
304ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&uid=fc91dfae22106e881a21616459210076&type=pc_imp&nid=&media=www.moneydj.com&r5=cc_business&t=1616462812285&tz=tw
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Tue, 10 Sep 2019 07:46:01 GMT
Server: nginx
ETag: "5d7754b9-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 390ms
323ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjQsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiIsImxvZ2lkIjoiYmU4ZDZjZGEtYzg3Yy00Yzk0LWI0NTMtNzcyNjI2ZDJmNzMzIiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1616462812285
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 483ms
292ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo2LCJjaGFubmVsX2lkIjoicGMiLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsInVybCI6Imh0dHBzOi8vd3d3Lm1vbmV5ZGouY29tL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHg/YT1kYjE0NGIxNS1iMDY5LTRhY2ItOTY2Ny01OGU5MTFiOGFjNjYiLCJsb2dpZCI6ImJlOGQ2Y2RhLWM4N2MtNGM5NC1iNDUzLTc3MjYyNmQyZjczMyIsInVpZCI6ImZjOTFkZmFlMjIxMDZlODgxYTIxNjE2NDU5MjEwMDc2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZjY1YmI1MzMtZTA4Ni00YjU1LWEwNjQtYTkxMzU5MmVhNzNiIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuS6rOWfjumKgOmBleWPjeS/nemaquazle+8jOmBreiZlee9sOmNsDE4MOiQrOWFgyIsInRkX3VybCI6Imh0dHBzOi8vd3d3Lm1vbmV5ZGouY29tL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHg/YT1kYjE0NGIxNS1iMDY5LTRhY2ItOTY2Ny01OGU5MTFiOGFjNjYmIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Ind3dy5tb25leWRqLmNvbSIsInRkX3BhdGgiOiIva21kai9uZXdzL25ld3N2aWV3ZXIuYXNweCIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg5LjAuNDM4OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi5pyA5paw6aCt5qKd5paw6IGeIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1616462812286
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 304ms
303ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&uid=&type=pc_channel_imp&nid=&media=www.moneydj.com&r5=ca_%E6%9C%80%E6%96%B0%E9%A0%AD%E6%A2%9D%E6%96%B0%E8%81%9E|ch_pc&t=1616462812286&tz=tw
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Tue, 10 Sep 2019 07:46:01 GMT
Server: nginx
ETag: "5d7754b9-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 347ms
308ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6Imh0dHBzOi8vdHJhZmZpYy5wb3Bpbi5jYy9yZWRpcmVjdC9kaXNjb3Zlcnk/dXJsPWh0dHBzJTNBJTJGJTJGd3d3Lm1vbmV5ZGouY29tJTJGa21kaiUyRm5ld3MlMkZuZXdzdmlld2VyLmFzcHglM0ZhJTNEZTViMzNiNzctMzYxNi00YWM2LTkwMWMtODY2OGNiNjRiMzNjIiwidHlwZSI6MSwicmVjb21tZW5kX3R5cGUiOiJob3QiLCJyZWNvbW1lbmRfcG9zaXRpb24iOjQsImNoYW5uZWxfaWQiOiJwYyIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiIsImxvZ2lkIjoiYmU4ZDZjZGEtYzg3Yy00Yzk0LWI0NTMtNzcyNjI2ZDJmNzMzIiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1616462812286
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK discovery
inrecsys.popin.cc/PopinService/Logs/ 0
101 B 592ms
311ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/discovery?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjE5NC45OS4xMDUuOTkiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImRpc2hfY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJrZXkiOiJrZXkxNjE2NDYyODEwMDc4Iiwibm93IjoxNjE2NDYyODEyMjg2LCJjbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ1cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsImRpc2hfY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJkaXNoX2RvbWFpbiI6Ind3dy5tb25leWRqLmNvbSIsInZfZGlzaF9sYWJlbHMiOiLngavngb3kv53pmqos5Li7566h5qmf6ZecLOmHkeeuoeacgyznr4fmlofnq6As6KeA5ris56uZLOebuOmXnCzmjqrmlr0s5qWt5YuZLOaDheW9oizmlLnlloQs6L6m55CGLOWFrOWRiizkuovlr6Ys5bCN5YWsLOaWh+eroCznh5/pgYss55yL6YGOLOiZleWIhizkuIvliJcs6aCQ6KiILOiqquaYjizos4foqIos6YGV6KaPLOS6iOS7pSzmjqHlj5Ys6KOc5q2jLOWKoOW8tyzoqIrmga8s55m854++LOS9j+WuhSzlvbHpn78s5qqi5p+lLOiIiOi2oyznmbznlJ8s6KaP5a6aLOS6i+mghSzlhazlj7gs57ay5Y+LLOmHkemhjSIsInZfZGlzaF90bGFiZWxzIjoi5L+d6Zqq5rOVLOS6rOWfjizomZXnvbAs6YGV5Y+NIiwibG9naWQiOiJiZThkNmNkYS1jODdjLTRjOTQtYjQ1My03NzI2MjZkMmY3MzMiLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwidHlwZSI6ImltcCIsImRpc2hfdGRfdGl0bGUiOiLkuqzln47pioDpgZXlj43kv53pmqrms5XvvIzpga3omZXnvbDpjbAxODDokKzlhYMiLCJkaXNoX3B1YmRhdGUiOiIyMDIxMDMyMjAwMDAwMDAwMDAiLCJkaXNoX3RkX3VybCI6Imh0dHBzJTNBJTJGJTJGd3d3Lm1vbmV5ZGouY29tJTJGa21kaiUyRm5ld3MlMkZuZXdzdmlld2VyLmFzcHglM0ZhJTNEZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwiZnJ1aXRfY29tbW9uX2NhdGVnb3J5IjoiZWNvbm9teSIsImZydWl0X2RvbWFpbiI6Ind3dy5tb25leWRqLmNvbSIsImZydWl0X3RkX3RpdGxlIjoi5LyN5b6377yaMTDlubTmrpbliKnnjofoi6XmlrwyLTMl5q2i56mpIOe+juiCoeacrOebiuavlOS4iuecizMz5YCNIiwiZnJ1aXRfdGl0bGUiOiLkvI3lvrfvvJoxMOW5tOauluWIqeeOh+iLpeaWvDItMyXmraLnqakg576O6IKh5pys55uK5q+U5LiK55yLMzPlgI0iLCJmcnVpdF9wdWJkYXRlIjoiMjAyMTAzMjIwMDAwMDAwMDAwIiwiZnJ1aXRfY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJmcnVpdF90ZF91cmwiOiJodHRwczovL3RyYWZmaWMucG9waW4uY2MvcmVkaXJlY3QvZGlzY292ZXJ5P3VybD1odHRwcyUzQSUyRiUyRnd3dy5tb25leWRqLmNvbSUyRmttZGolMkZuZXdzJTJGbmV3c3ZpZXdlci5hc3B4JTNGYSUzRGU1YjMzYjc3LTM2MTYtNGFjNi05MDFjLTg2NjhjYjY0YjMzYyIsImZydWl0X2ltYWdlIjoiaHR0cHM6Ly9pbWFnZWF3cy5wb3Bpbi5jYy9hcnRpY2xlLzA2Yjc2ZGViZWNjYzY5Mzk5M2RjMjUwYTE1ZTliYjMwXzE2MC5qcGciLCJpbWFnZV9oYXNoIjoiMDZiNzZkZWJlY2NjNjkzOTkzZGMyNTBhMTVlOWJiMzAuanBnIiwiZnJ1aXRfcmVjb21tZW5kX3R5cGUiOiJob3QiLCJmcnVpdF9yZWNvbW1lbmRfcG9zaXRpb24iOjQsInBvcGluX3ZlcnNpb24iOjZ9
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 411ms
323ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6Imh0dHBzOi8vdHJhZmZpYy5wb3Bpbi5jYy9yZWRpcmVjdC9kaXNjb3Zlcnk/dXJsPWh0dHBzJTNBJTJGJTJGd3d3Lm1vbmV5ZGouY29tJTJGa21kaiUyRm5ld3MlMkZuZXdzdmlld2VyLmFzcHglM0ZhJTNEM2JmNjJkMTItYWJmZC00MjY3LTk1MDEtMGVlZGYwNmFiOTk2IiwidHlwZSI6MSwicmVjb21tZW5kX3R5cGUiOiJob3QiLCJyZWNvbW1lbmRfcG9zaXRpb24iOjUsImNoYW5uZWxfaWQiOiJwYyIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiIsImxvZ2lkIjoiYmU4ZDZjZGEtYzg3Yy00Yzk0LWI0NTMtNzcyNjI2ZDJmNzMzIiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1616462812286
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 314ms
311ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&uid=fc91dfae22106e881a21616459210076&type=pc_inview&nid=pc&media=www.moneydj.com&r5=ca_%E6%9C%80%E6%96%B0%E9%A0%AD%E6%A2%9D%E6%96%B0%E8%81%9E&t=1616462812287&tz=tw
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Last-Modified: Tue, 10 Sep 2019 07:46:01 GMT
Server: nginx
ETag: "5d7754b9-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 453ms
294ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjMsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiIsImxvZ2lkIjoiYmU4ZDZjZGEtYzg3Yy00Yzk0LWI0NTMtNzcyNjI2ZDJmNzMzIiwidWlkIjoiZmM5MWRmYWUyMjEwNmU4ODFhMjE2MTY0NTkyMTAwNzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Lqs5Z+O6YqA6YGV5Y+N5L+d6Zqq5rOV77yM6YGt6JmV572w6Y2wMTgw6JCs5YWDIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPWRiMTQ0YjE1LWIwNjktNGFjYi05NjY3LTU4ZTkxMWI4YWM2NiYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1616462812287
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 367ms
303ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjUsImNoYW5uZWxfaWQiOiJwYyIsImJveF9wb3NpdGlvbiI6InRvcF9sZWZ0IiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJ3d3cubW9uZXlkai5jb20iLCJ1cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwibG9naWQiOiJiZThkNmNkYS1jODdjLTRjOTQtYjQ1My03NzI2MjZkMmY3MzMiLCJ1aWQiOiJmYzkxZGZhZTIyMTA2ZTg4MWEyMTYxNjQ1OTIxMDA3NiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLkuqzln47pioDpgZXlj43kv53pmqrms5XvvIzpga3omZXnvbDpjbAxODDokKzlhYMiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2JiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9wYXRoIjoiL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZjY1YmI1MzMtZTA4Ni00YjU1LWEwNjQtYTkxMzU5MmVhNzNiIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuacgOaWsOmgreaineaWsOiBniIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1616462812288
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Last-Modified: Thu, 13 Dec 2018 07:19:53 GMT
Server: nginx/1.13.5
ETag: "5c120819-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 309ms
303ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&uid=&type=pc_channel_inview&nid=pc&media=www.moneydj.com&r5=ca_%E6%9C%80%E6%96%B0%E9%A0%AD%E6%A2%9D%E6%96%B0%E8%81%9E|ch_pc&t=1616462812288&tz=tw
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Last-Modified: Tue, 10 Sep 2019 07:46:01 GMT
Server: nginx
ETag: "5d7754b9-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 874F 42 B
89 B 53ms
50ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtGMRoaC0-fvO9TgoIec_zN_H8oeIGd8LGUEezN42ru8r6d6VJDJPfPEhiArD4Vp1NF7IFvXavgWNgpEs8c_oZCXhAiUyy5f0hux8nYPI&sig=Cg0ArKJSzCVvGTwhk1oUEAE&id=osdim&mcvt=1109&p=590,16,1190,176&mtos=1109,1109,1109,1109,1109&tos=1109,0,0,0,0&v=20210319&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=492727391&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1616462809155&dlt=98&rpt=3&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame C1C8 39 B
126 B 22010ms
21897ms Document
text/html 34.95.67.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

:method: GET
:authority: fcm.holmesmind.com
:scheme: https
:path: /cm.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

date: Tue, 23 Mar 2021 01:27:14 GMT
server: Apache/2.4.29 (Ubuntu)
content-length: 39
content-type: text/html; charset=UTF-8
via: 1.1 google
alt-svc: clear

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 95C7 6 KB
2 KB 32ms
31ms Document
text/html 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4d923d819ca2ff5b300761f494357861e57fa2f1ce9a9e1597147196887452ee

Request headers

:method: GET
:authority: cdn.holmesmind.com
:scheme: https
:path: /js/capmapping.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-type: text/html
last-modified: Fri, 12 Mar 2021 02:32:17 GMT
etag: W/"eafbd15dcbf67ea2b8cfadd2d92f78f8"
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: H4EetJvtOmBef3PDfXb-F8VagPcVQhuOsuXPPLzlRmAXif3ajh_rAA==
expires: Tue, 23 Mar 2021 01:36:02 GMT
server: CDN77-Turbo
x-77-nzt: AcO1ryyn3/HvMgAAAA==
x-77-nzt-ray: 1DifMi059i8=
x-cache: HIT
x-age: 50
x-77-pop: frankfurtDE
x-77-cache: HIT
content-encoding: br

GET
H2 200 edmp_init.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame C151 662 B
756 B 1282ms
333ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:53 GMT
via: 1.1 3ebb4b474894184bf142b058d305720d.cloudfront.net (CloudFront)
x-77-nzt-ray: fWQyf4LeJBY=
age: 2
x-77-cache: HIT
x-cache: HIT
x-age: 332
content-encoding: br
x-request-id: b70a8c4a5daeb0fa6cf31e003f93fad0
x-77-nzt: AVQROQoRb8HvTAEAAA==
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: HiNetCDN/2012
etag: W/"f58f8a90686f8ffb3325107e8a788b71"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: HKG60-C1
x-amz-cf-id: EjcgqwFoYlWPbeM1AYhHJYUwLJ7682ffdSZ9UFSOE7nN9nLxm49Nag==
expires: Tue, 23 Mar 2021 01:26:42 GMT

GET
H2 200 google_mapping_init.js Show response
cdn.holmesmind.com/js/ Frame C151 5 KB
2 KB 33ms
32ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/google_mapping_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f0f9d12ccb4d71455e76a3f7a47dbf3874b4e96c54219d7c3756affcc40d770f

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 Mar 2021 01:26:52 GMT
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
x-77-nzt-ray: T7F1pUXm4/k=
age: 43
x-77-cache: HIT
x-cache: HIT
x-age: 85
content-encoding: br
x-77-nzt: AcO1rywXyP/vVQAAAA==
last-modified: Mon, 15 Mar 2021 05:11:36 GMT
server: CDN77-Turbo
etag: W/"ecc7750ee9369dfb2865df8de920fc09"
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ljSYoLbFhwgOUyw3UrX8RPElOpEUc5ogTaN4W6GSxNS5OKvn4jAChw==
expires: Tue, 23 Mar 2021 01:35:27 GMT

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 0577 3 KB
1 KB 59ms
58ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 38d90211619a4572e2b5d01f2804f3d7d5143bd95d3a77520233389273d18216

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rywU7GfOXAIAAA==
date: Tue, 23 Mar 2021 01:26:52 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
etag: W/"fbb982d82fc3909ad8df88b7320297f0"
last-modified: Tue, 16 Mar 2021 02:06:23 GMT
server: CDN77-Turbo
x-amz-cf-pop: FRA53-C1
x-77-nzt-ray: 7P4Rmlt+Ph0=
x-77-cache: HIT
content-type: application/javascript
x-cache: REVALIDATED
x-age: 604
content-encoding: br
x-77-pop: frankfurtDE
x-amz-cf-id: g-vBX8xl5Y07WvhwzXV3vlKtokq04bQsb1BZbrSdHPo0DjoVxV4Ydw==

GET
H2

200

cm
c.holmesmind.com/ Frame C151
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
506 B

157ms
156ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 23 Mar 2021 01:26:52 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 1FA6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6eacd45feb8c4bee62bdd883b0dc3a58e2593aef5d5d6e24004aadfd04b0bcd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame BDFD 67 B
207 B 54ms
52ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1616462811819&t_start=1616462811819&t_domcontent=1616462811923&t_layout=1616462812585&t_onload=1616462812585&t_paint=1616462812585&t_creport=1616462812585&t_tti=1616462811923&lid=6942654908953554212-0

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df80e2dd1f2b73c%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: R+k3M67LkO0SN5ZrkedFa7fjUhRtI6xNgR7m0pMt7mKBEzJ/O7pxBuqsqmC4Sjqy8gXiDsZc6kZVLNBAXUJgBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 23 Mar 2021 01:26:52 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK FundDataSvc.axd Show response
www.moneydj.com/InfoSvc/ 2 B
310 B 257ms
256ms XHR
text/html 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/InfoSvc/FundDataSvc.axd?a=FindFundBySubject
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Mar 2021 01:26:52 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 122
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame CB6A 67 B
238 B 43ms
37ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1616462811814&t_start=1616462811814&t_domcontent=1616462811919&t_layout=1616462812589&t_onload=1616462812589&t_paint=1616462812589&t_creport=1616462812589&t_tti=1616462811919&lid=6942654910262382047-0

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24139bd905fb04%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff18848628d6781%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: eg3MSWc/OrXyHWJMDYaIq1iBrOkUM5+94cyKk07WmhDkaElVqvYTXw+ZsnzR3ckvFye3XBvXJrIj3f5wxladbw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 23 Mar 2021 01:26:52 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK getTextAD.aspx Show response
www.moneydj.com/ads/ 59 B
346 B 269ms
267ms XHR
text/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA407&adstype=json
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: b75789d6c7d14d9c6373ebe3c8327f6752852e67b20cafde2ec233364a2c4675

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:52 GMT
Content-Encoding: gzip
Cache-Control: private
Content-Length: 153
Vary: Accept-Encoding
Content-Type: text/javascript; charset=big5

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ Frame 1FA6 226 KB
85 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:52 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame D701 14 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126596
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame AD4E 12 B
58 B 58ms
54ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.moneydj.com&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D1905dfc4667fa077-22069ef527a700a6%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MYrNJjpQaaHJvsIbtVXCrLqh_EIHw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame AD4E 107 B
123 B 16ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame AD4E 107 B
123 B 29ms
27ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

CF-300x600_NewsRightDown.html Show response
adx.doublemax.net/image/creative/20200320/Turn/ Frame C29B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=600&slotname=7595289909%2F10624&adk=5587611&adf=272530243&pi=t.ma~as.7595289909%2F10624&w=300&url=https%3...
https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html

530 B
851 B

551ms
546ms

Document
text/html

13.32.21.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe41f351e5df8307d5a944c96a807067a3d1d8a82af0adde0994796f9713a5b1

Request headers

:method: GET
:authority: adx.doublemax.net
:scheme: https
:path: /image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

content-type: text/html
content-length: 530
last-modified: Fri, 20 Mar 2020 01:48:09 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 23 Mar 2021 01:26:54 GMT
etag: "a31111aafa063495b5e276e877af30b2"
x-cache: RefreshHit from cloudfront
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 5Xr3JSEMXn-75Ke1sgmK6ewyvWDnQLRePfzahga3Lek8kqDRYAfnjw==

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 01:26:53 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD4E 73 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:52 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7EEF 57 KB
19 KB 59ms
58ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

93fd5cf7668e550f4d6a26848d9de01d1f020c3b15829328184a6f40cb162a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 486 of 1000 / last-modified: 1616451005"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19749
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:52 GMT

GET
H/1.1 200
OK jquery.qkpopup.js Show response
www.moneydj.com/funddj/ad/qk/js/ 14 KB
4 KB 250ms
249ms Script
application/javascript 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneydj.com/funddj/ad/qk/js/jquery.qkpopup.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: be5e1bb54a9c2bc90c59bbb19dc9a43b3dc1e666f7bb0594c1f3939783c2d5f0

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Dec 2019 08:02:45 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 4279

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 0577 425 B
613 B 62ms
24ms Script
text/html 2600:9000:211e:e000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=10846
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e067882e629cf5bd5405d59a555081b6fbf77f74290023119a27011b72119089

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:21:14 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 337
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: FSMJOF9FUsBhMd5ZzfIy5WhQ-XaPOTflhj653PCKwI8BqIHR3ILIIg==
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 0E98 1 KB
980 B 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1616462811&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&flash=0&wgl=1&dt=1616462811638&bpp=12&bdt=8063&idt=230&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=20&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44738185%2C44739387&oid=3&pvsid=77596448530770&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=alKM76QYJy&p=https%3A//www.moneydj.com&dtd=260

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:24:39 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 0E98 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:25:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 0E98 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E98 117 KB
36 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:52 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 0E98 12 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:23:23 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 0E98 0
0 23ms
22ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRombvEooGdgknzASwdQVBxS9mn4xXS7k_-WeHesdBfoBJraJG-_g3NMrm5FQumznIz950LQgTx1xOeTHTbih6gphtsDQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1616462811&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&flash=0&wgl=1&dt=1616462811638&bpp=12&bdt=8063&idt=230&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=20&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44738185%2C44739387&oid=3&pvsid=77596448530770&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=alKM76QYJy&p=https%3A//www.moneydj.com&dtd=260
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 0E98 25 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 399112
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 95C7
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
49 B

180ms
153ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 23 Mar 2021 01:26:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7463212823606030980/ Frame 0E98 16 KB
16 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7463212823606030980/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f906441399e595fd198f9584984a05fc861413a5e46bb855cac4097d5f7fc05a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 11:52:50 GMT
x-content-type-options: nosniff
age: 221642
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16227
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:59:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 11:52:50 GMT

GET
DATA 200
OK truncated
/ Frame 0E98 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 1FA6 12 B
78 B 56ms
54ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.moneydj.com&callback=_gfp_s_&client=ca-pub-7492323758213965&cookie=ID%3D1905dfc4667fa077-2249ac3e2ea7009a%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MahBPhDSo7VQ6H_CHpG5BP-DeeDSQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1FA6 107 B
146 B 16ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1FA6 107 B
146 B 17ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC33 88 KB
32 KB 259ms
257ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186319&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462812619&bpp=7&bdt=650&idt=494&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D1905dfc4667fa077-2249ac3e2ea7009a%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MahBPhDSo7VQ6H_CHpG5BP-DeeDSQ&correlator=8746931251737&frm=23&ife=4&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462813&ga_hid=1666568346&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1999&biw=1600&bih=1200&isw=728&ish=90&ifk=1145043360&scr_x=0&scr_y=0&eid=21068084%2C31060352%2C44737458%2C44739387&oid=3&pvsid=1098576869987498&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fxzicto512sb&btvi=1&fsb=1&dtd=533

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7504fb913bc861daaa4fc3add3e454f2eaa4f85d349f2c08bb070d09f61d27d3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLTJlp6hxe8CFceTdwod5FkNlg&gqi=3UNZYNWeCquyx_AP5o-HqAM&layout=/sadbundle/%24csp%253Der3%24/17010147462245003352/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186319&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462812619&bpp=7&bdt=650&idt=494&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D1905dfc4667fa077-2249ac3e2ea7009a%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MahBPhDSo7VQ6H_CHpG5BP-DeeDSQ&correlator=8746931251737&frm=23&ife=4&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462813&ga_hid=1666568346&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1999&biw=1600&bih=1200&isw=728&ish=90&ifk=1145043360&scr_x=0&scr_y=0&eid=21068084%2C31060352%2C44737458%2C44739387&oid=3&pvsid=1098576869987498&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fxzicto512sb&btvi=1&fsb=1&dtd=533
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlElRWCqo3Xvn-FDxDisTisAePfCAK6ycpxWyn17nWtDqs_j57sV-p1FH0vK6I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLTJlp6hxe8CFceTdwod5FkNlg&gqi=3UNZYNWeCquyx_AP5o-HqAM&layout=/sadbundle/%24csp%253Der3%24/17010147462245003352/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 01:26:53 GMT
server: cafe
content-length: 32202
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FA6 73 KB
28 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:53 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E98 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-ybX20NZYMuIOImu3gOVnZ7ADL6HpfRhyKH_sIoNrgIQASDn6cAJYJWKuILIB6ABi72voQLIAQmoAwHIA8sEqgSDAk_Qw40Gm2kTiAkdimUeX03TTxFdYM1BHXWsdwInm0BmdtfUFCPtcU7aAGMwbjA86muczErMIhbXi9aA_xug1RKQD2g4I2JRFviztGnGT2Phmg0iNRapxFDmW6sOAxDUaSVKmadPoAfvHafVJgzGJNR91sZmRM5WasawRh2qmuC8Np6pt2ouZ_3eedLUH0uymMaCe_hW5ukA-6ZzpSz5AgOCkufLBMxDsOxInX_X3dZ7JGjqE_Ci1Hm-TLcGB1dHLqSi-rY9YPin81LrN60cAn-pLzixdClvJKpJnZuR6M04GCoktWgnqXBy2NoDbbz_SgGLqSpbp1iJWfnwOdxPh1Nre0HABLDFhditA5IFBAgEGAGSBQQIBRgEoAYugAet9ODgAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDs5QnSCAkIgOGAEBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItNzQ5MjMyMzc1ODIxMzk2NQ&sigh=oqKya_6qLX0&template_id=5000&tpd=AGWhJmtT9AIEDAJyqB3rgwaqLngjqI2Tk71Z13kWb4Wiyi-crw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1616462811&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&flash=0&wgl=1&dt=1616462811638&bpp=12&bdt=8063&idt=230&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=20&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462808&ga_hid=780963279&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44738185%2C44739387&oid=3&pvsid=77596448530770&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=alKM76QYJy&p=https%3A//www.moneydj.com&dtd=260
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 01:26:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/ Frame A98E 3 KB
3 KB 19ms
9ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=7595289909%2F10623&adk=994438583&adf=816031646&pi=t.ma~as.7595289909%2F10623&w=300&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462811677&bpp=6&bdt=97&idt=523&shv=r20210318&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=23&ife=4&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462812&ga_hid=247836539&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=924&biw=1600&bih=1200&isw=300&ish=250&ifk=1566393387&scr_x=0&scr_y=0&eid=44737564%2C44737458%2C44739387&oid=3&pvsid=1387260170119057&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8zd4kv61zvd9&fsb=1&dtd=546

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bd525dc317d47424279fbc7165201537c4bfe4c94c7f7c209a0685b6af281f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4289431202364580801/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1306
date: Wed, 17 Mar 2021 23:02:51 GMT
expires: Thu, 17 Mar 2022 23:02:51 GMT
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 440642
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 9FC8 17 KB
7 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:25:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 9FC8 2 KB
2 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FC8 118 KB
36 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:53 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 9FC8 12 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:23:23 GMT

GET
H3-Q050 200 pubads_impl_2021031701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7EEF 285 KB
100 KB 54ms
53ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 08:39:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102424
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:53 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AFA5 1 KB
854 B 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 16:59:40 GMT
expires: Tue, 23 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 30433
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0E98 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0015a26cb1616a2e41df4f5ef015d54bd1ba0f1d30fcd73f3d2e534e203c7df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 0577 4 KB
2 KB 1114ms
454ms Script
text/html 3.113.254.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=10846&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2FTurn%2FCF-160X600_NewsLeftTop.html&n=846&o=1&d=1&b=2&ts=1&ii=2&FPCK=
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.254.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 50fce31106159bb540600c34d2f3546b3c3ae05d885c619d0705e617db5c3a2f

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:54 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 0577 3 KB
1 KB 355ms
337ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:53 GMT
via: 1.1 fdf96859c8a26606c28f770011e1fdeb.cloudfront.net (CloudFront)
x-77-nzt-ray: y2yqISH0CHo=
x-amz-cf-pop: HKG60-C1
x-77-cache: HIT
x-cache: HIT
x-age: 268
content-encoding: br
x-request-id: 4426d786666acb780575af5ed89a0957
x-77-nzt: AVQROQpMX+LvDAEAAA==
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: HiNetCDN/2012
etag: W/"6a605eea47197fa280f27aaf1fa1521d"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: QZtbON_ZHZ0NgYLEwA8QLNso1K_m0WH332NpbW-w3aEDKGoMiNMAaA==
expires: Tue, 23 Mar 2021 01:31:14 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 0577 114 KB
37 KB 61ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:29 GMT
server: nginx
etag: W/"605322dd-1c9d1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 01:26:53 GMT

GET
H2 200 criteoV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 0577 2 KB
1 KB 344ms
338ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:53 GMT
via: 1.1 115fcb38413899b63e42dac85a21d414.cloudfront.net (CloudFront)
x-77-nzt-ray: VlKKn8jbBLA=
x-amz-cf-pop: HKG60-C1
x-77-cache: HIT
x-cache: HIT
x-age: 78
content-encoding: br
x-request-id: a33fb2eabdfb822269242226c2763067
x-77-nzt: AVQROQIvMEbvTgAAAA==
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: HiNetCDN/2012
etag: W/"e8f33fcb581483ced4a09b3c8e7550e4"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: kc-qNFwpG5bbFfxO8N3KX7GORJSpn7eh0xg8xPVxCxXoe1oSRe3K2g==
expires: Tue, 23 Mar 2021 01:33:45 GMT

GET
H2 200 bridgewellV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 0577 14 KB
5 KB 344ms
339ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: 879a086bdc28d12fcb578a7eec6e27553a62c049d51577f3e8633246cee08627

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:53 GMT
via: 1.1 472637409b8ae00cf91bae609bb7b3ae.cloudfront.net (CloudFront)
x-77-nzt-ray: Z68GetM4bEk=
x-amz-cf-pop: HKG60-C1
x-77-cache: HIT
x-cache: HIT
x-age: 521
content-encoding: br
x-request-id: 14b316400129604066d6c1f1f0e7cc2e
x-77-nzt: AVQROQJvNzXvCQIAAA==
last-modified: Wed, 16 Dec 2020 09:31:55 GMT
server: HiNetCDN/2012
etag: W/"d7d2964abc57ee2b2489284fe2ac32b3"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: sDcVSejsaSRYg83R-JpjZRLnX4unLGjsyRa0h9f1_ijIp91ru7PMsQ==
expires: Tue, 23 Mar 2021 01:25:52 GMT

GET
H2 200 appierV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 0577 3 KB
1 KB 597ms
592ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:53 GMT
via: 1.1 3ea7dec9ae91ed3e4cc2a65d3613ed52.cloudfront.net (CloudFront)
x-77-nzt-ray: NfIagm3mCI8=
age: 39
x-77-cache: HIT
x-cache: HIT
x-age: 381
content-encoding: br
x-request-id: 9aea9eabd2d007b4836919e084c9a41c
x-77-nzt: AVQROQZjRAvvfQEAAA==
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: HiNetCDN/2012
etag: W/"548ed610a8571343fb3022f543174735"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: HKG60-C1
x-amz-cf-id: sx89KaXbuTlygxpQ5b2aG1Fne1pSR_RO-ccUqamWr_2qpiviR1fOLw==
expires: Tue, 23 Mar 2021 01:27:43 GMT

GET
H2 200 onead_test.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 0577 1 KB
917 B 598ms
593ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/onead_test.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: 203053ec63eacb1c5bf88ded535e2051bda04569ef926e19647cf2bfd9b0ca69

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:53 GMT
via: 1.1 3ebb4b474894184bf142b058d305720d.cloudfront.net (CloudFront)
x-77-nzt-ray: OiQF+zWRdOU=
age: 58
x-77-cache: HIT
x-cache: HIT
x-age: 107
content-encoding: br
x-request-id: 276f959a9c91c4ed8da7466a37920808
x-77-nzt: AVQROQY2tpXvawAAAA==
last-modified: Fri, 16 Oct 2020 09:58:11 GMT
server: HiNetCDN/2012
etag: W/"cc3c7b48faa78743733e2f5433e396b2"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: HKG60-C1
x-amz-cf-id: 48ahHqBLw4QnvaH4TEBaEjKo4SHqNfUkZLHIzIdi1YtFa2QDj19FMQ==
expires: Tue, 23 Mar 2021 01:34:39 GMT

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
515 B 135ms
134ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1616462813451&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjMsIm5pZCI6IjYwNGYzMDBlZjY4NmI2MjczZjE1MTEzOCIsImNhbXBhaWduIjoiNjA0ZjJlNDFmNjg2YjYzYzIyMWRjMjA0IiwidG9rZW4iOiIwM2IyZWIyNTljMWE4NGUyMjg4MmZmYzJkMmY3OGZkOSIsInRpbWVzdGFtcCI6MTYxNjQ2MjgxMzQ0MSwicmVjb21tZW5kX3Bvc2l0aW9uIjozLCJhZF9wb3NpdGlvbiI6MSwiY2hhbm5lbF9pZCI6InBjIiwiYzEiOjAuMDAzMjkwNDU3NjcyNzQ5MDI4LCJjMiI6MC4wMDEwMDg2ODYsInRpdGxlIjoi5a2p5a2Q6ZW35LiN6auY5piv54i25q%2BN55qE6LKs5Lu7ITnmiJDnmoTkurrkuI3nn6XpgZPnmoTnsKHllq7nv5LmhaPmmK8%2FIiwic2FtcGxlIjoiIiwidl9mcnVpdF93b3JkIjoi6LKs5Lu7LOe%2FkuaFoyzkuI3nn6Us5a2p5a2QLOeItuavjSIsImltYWdlX2hhc2giOiJlNTQ5MmM0YjFiN2Y5OTBkYzBhNGU5ZDAyZTViMmExMiIsImNsYXNzaWZ5Ijoi5Lq65ZKM5Lq65Y%2BC5LiO55qE5rS75YqoLeS6uueJqeeJueWGmS3nvo7lpbPlhpnnnJ8iLCJpbWFnZSI6Imh0dHBzOi8vaW1hZ2Vhd3MucG9waW4uY2MvZGlzY292ZXJ5LzdmNzQ0MmI1ODBlMDhmNjAzOWY5NDE5M2VmNDIyNDNjLmpwZWciLCJjbGFyaXR5IjowLjkzLCJhZXN0aGV0aWMiOjAuODcsInNhbXBsZV90YWciOiJ0d19jdnJfdjMiLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJ3d3cubW9uZXlkai5jb20iLCJ1cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwibG9naWQiOiJiZThkNmNkYS1jODdjLTRjOTQtYjQ1My03NzI2MjZkMmY3MzMiLCJ1aWQiOiJmYzkxZGZhZTIyMTA2ZTg4MWEyMTYxNjQ1OTIxMDA3NiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLkuqzln47pioDpgZXlj43kv53pmqrms5XvvIzpga3omZXnvbDpjbAxODDokKzlhYMiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2JiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9wYXRoIjoiL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJleHRyYSI6IiIsImZydWl0X3N0eWxlIjoiMyIsImJveF9zdHlsZSI6IjMzMzMzMzMzMyIsInJlZmVycmVyX3JlY29tbWVuZF90eXBlIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback1

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Tue, 23 Mar 2021 01:26:54 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 309ms
309ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&uid=fc91dfae22106e881a21616459210076&type=pc_imp&nid=604f300ef686b6273f151138&campaign=604f2e41f686b63c221dc204&media=www.moneydj.com&r5=cc_business&r6=03b2eb259c1a84e22882ffc2d2f78fd9&t=1616462813441&tz=tw
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Last-Modified: Tue, 10 Sep 2019 07:46:01 GMT
Server: nginx
ETag: "5d7754b9-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
303 B 335ms
334ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjMsIm5pZCI6IjYwNGYzMDBlZjY4NmI2MjczZjE1MTEzOCIsImNhbXBhaWduIjoiNjA0ZjJlNDFmNjg2YjYzYzIyMWRjMjA0IiwidG9rZW4iOiIwM2IyZWIyNTljMWE4NGUyMjg4MmZmYzJkMmY3OGZkOSIsInRpbWVzdGFtcCI6MTYxNjQ2MjgxMzQ0MSwicmVjb21tZW5kX3Bvc2l0aW9uIjozLCJhZF9wb3NpdGlvbiI6MSwiY2hhbm5lbF9pZCI6InBjIiwiYzEiOjAuMDAzMjkwNDU3NjcyNzQ5MDI4LCJjMiI6MC4wMDEwMDg2ODYsInRpdGxlIjoi5a2p5a2Q6ZW35LiN6auY5piv54i25q+N55qE6LKs5Lu7ITnmiJDnmoTkurrkuI3nn6XpgZPnmoTnsKHllq7nv5LmhaPmmK8/Iiwic2FtcGxlIjoiIiwidl9mcnVpdF93b3JkIjoi6LKs5Lu7LOe/kuaFoyzkuI3nn6Us5a2p5a2QLOeItuavjSIsImltYWdlX2hhc2giOiJlNTQ5MmM0YjFiN2Y5OTBkYzBhNGU5ZDAyZTViMmExMiIsImNsYXNzaWZ5Ijoi5Lq65ZKM5Lq65Y+C5LiO55qE5rS75YqoLeS6uueJqeeJueWGmS3nvo7lpbPlhpnnnJ8iLCJpbWFnZSI6Imh0dHBzOi8vaW1hZ2Vhd3MucG9waW4uY2MvZGlzY292ZXJ5LzdmNzQ0MmI1ODBlMDhmNjAzOWY5NDE5M2VmNDIyNDNjLmpwZWciLCJjbGFyaXR5IjowLjkzLCJhZXN0aGV0aWMiOjAuODcsInNhbXBsZV90YWciOiJ0d19jdnJfdjMiLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJ3d3cubW9uZXlkai5jb20iLCJ1cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2IiwibG9naWQiOiJiZThkNmNkYS1jODdjLTRjOTQtYjQ1My03NzI2MjZkMmY3MzMiLCJ1aWQiOiJmYzkxZGZhZTIyMTA2ZTg4MWEyMTYxNjQ1OTIxMDA3NiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImY2NWJiNTMzLWUwODYtNGI1NS1hMDY0LWE5MTM1OTJlYTczYiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLkuqzln47pioDpgZXlj43kv53pmqrms5XvvIzpga3omZXnvbDpjbAxODDokKzlhYMiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2JiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9wYXRoIjoiL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZjY1YmI1MzMtZTA4Ni00YjU1LWEwNjQtYTkxMzU5MmVhNzNiIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuacgOaWsOmgreaineaWsOiBniIsImV4dHJhIjoiIiwiZnJ1aXRfc3R5bGUiOiIzIiwiYm94X3N0eWxlIjoiMzMzMzMzMzMzIiwicmVmZXJyZXJfcmVjb21tZW5kX3R5cGUiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1616462813453
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK ad
inrecsys.popin.cc/PopinService/Logs/ 0
101 B 304ms
303ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/ad?data=eyJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLkuqzln47pioDpgZXlj43kv53pmqrms5XvvIzpga3omZXnvbDpjbAxODDokKzlhYMiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2JiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoiMTk0Ljk5LjEwNS45OSIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiZGlzaF9jb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImtleSI6ImtleTE2MTY0NjI4MTAwNzgiLCJub3ciOjE2MTY0NjI4MTM0NTQsInVybCI6Imh0dHBzOi8vd3d3Lm1vbmV5ZGouY29tL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHg/YT1kYjE0NGIxNS1iMDY5LTRhY2ItOTY2Ny01OGU5MTFiOGFjNjYiLCJ1aWQiOiJmYzkxZGZhZTIyMTA2ZTg4MWEyMTYxNjQ1OTIxMDA3NiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsImRpc2hfY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJkaXNoX2RvbWFpbiI6Ind3dy5tb25leWRqLmNvbSIsInZfZGlzaF9sYWJlbHMiOiLngavngb3kv53pmqos5Li7566h5qmf6ZecLOmHkeeuoeacgyznr4fmlofnq6As6KeA5ris56uZLOebuOmXnCzmjqrmlr0s5qWt5YuZLOaDheW9oizmlLnlloQs6L6m55CGLOWFrOWRiizkuovlr6Ys5bCN5YWsLOaWh+eroCznh5/pgYss55yL6YGOLOiZleWIhizkuIvliJcs6aCQ6KiILOiqquaYjizos4foqIos6YGV6KaPLOS6iOS7pSzmjqHlj5Ys6KOc5q2jLOWKoOW8tyzoqIrmga8s55m854++LOS9j+WuhSzlvbHpn78s5qqi5p+lLOiIiOi2oyznmbznlJ8s6KaP5a6aLOS6i+mghSzlhazlj7gs57ay5Y+LLOmHkemhjSIsInZfZGlzaF90bGFiZWxzIjoi5L+d6Zqq5rOVLOS6rOWfjizomZXnvbAs6YGV5Y+NIiwibG9naWQiOiJiZThkNmNkYS1jODdjLTRjOTQtYjQ1My03NzI2MjZkMmY3MzMiLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwidHlwZSI6ImltcCIsInRpbWVfc2hvd19zZWNvbmRzIjozLCJuaWQiOiI2MDRmMzAwZWY2ODZiNjI3M2YxNTExMzgiLCJ0b2tlbiI6IjAzYjJlYjI1OWMxYTg0ZTIyODgyZmZjMmQyZjc4ZmQ5IiwidGltZXN0YW1wIjoxNjE2NDYyODEwMDc4LCJib3hfcG9zaXRpb24iOiJ0b3BfbGVmdCIsImNoYW5uZWxfaWQiOiJwYyIsImMyIjowLjAwMTAwODY4Niwic2FtcGxlX3RhZyI6InR3X2N2cl92MyIsImZydWl0X3VzZXJpZCI6InNlbm9iaXJ1X3R3IiwiZnJ1aXRfY2FtcGFpZ24iOiI2MDRmMmU0MWY2ODZiNjNjMjIxZGMyMDQiLCJmcnVpdF90aXRsZSI6IuWtqeWtkOmVt+S4jemrmOaYr+eItuavjeeahOiyrOS7uyE55oiQ55qE5Lq65LiN55+l6YGT55qE57Ch5Zau57+S5oWj5pivPyIsImZydWl0X2RvbWFpbiI6InRhaXdhbi5wdXJlLWJlYXV0eS5saWZlIiwiZnJ1aXRfYnVzaW5lc3NfdHlwZSI6IjEwIiwidl9mcnVpdF93b3JkIjoi6LKs5Lu7LOe/kuaFoyzkuI3nn6Us5a2p5a2QLOeItuavjSIsImltYWdlX2hhc2giOiJlNTQ5MmM0YjFiN2Y5OTBkYzBhNGU5ZDAyZTViMmExMiIsImFkX3Bvc2l0aW9uIjoxLCJzYW1wbGUiOiIiLCJjbGFzc2lmeSI6IuS6uuWSjOS6uuWPguS4jueahOa0u+WKqC3kurrniannibnlhpkt576O5aWz5YaZ55yfIiwiaW1hZ2UiOiJodHRwczovL2ltYWdlYXdzLnBvcGluLmNjL2Rpc2NvdmVyeS83Zjc0NDJiNTgwZTA4ZjYwMzlmOTQxOTNlZjQyMjQzYy5qcGVnIiwiZnJ1aXRfaW1hZ2UiOiJodHRwczovL2ltYWdlYXdzLnBvcGluLmNjL2Rpc2NvdmVyeS83Zjc0NDJiNTgwZTA4ZjYwMzlmOTQxOTNlZjQyMjQzYy5qcGVnIiwiY2xhcml0eSI6MC45MywiYWVzdGhldGljIjowLjg3LCJmcnVpdF9zdHlsZSI6IjMiLCJib3hfc3R5bGUiOiIzMzMzMzMzMzMiLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
515 B 137ms
137ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1616462813466&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjMsIm5pZCI6IjVmOTEzYTJkZjY4NmI2MzNlNjE0ODNjNSIsImNhbXBhaWduIjoiNWQ5YWEwMWNmNjg2YjYzZTRjNjVkYWU0IiwidG9rZW4iOiJlYmE3MDkxMTk5Zjc4YTRlZGM0YTNmZDExMTJmMGMzMSIsInRpbWVzdGFtcCI6MTYxNjQ2MjgxMzQ1NSwicmVjb21tZW5kX3Bvc2l0aW9uIjo2LCJhZF9wb3NpdGlvbiI6MiwiY2hhbm5lbF9pZCI6InBjIiwiYzEiOjAuMDAxMzA2MTgwNjA5MTU1MTM4NSwiYzIiOjAuMDAxMDg5NjAxOCwidGl0bGUiOiLkuI3mgJXpoK3pq67mspLplbflj6rmgJXplbflpKrlpJrvvIHnlKjkuobml6XmnKzmqILlpKnpgKPnuow25bm0Tk8uMeeahOmkiumrrua2su%2B8jOWGjeS5n%2BS4jeaTlOW%2Fg%2Bemv%2Bmgre%2B8gSIsInNhbXBsZSI6IiIsInZfZnJ1aXRfd29yZCI6IuaTlOW%2Fgyzml6XmnKws5qiC5aSpLOmgremrrizlpKrlpJoiLCJpbWFnZV9oYXNoIjoiMzVmOGMwOTU4YjY2MzI1NTFmZGRiYTFiZWQzZDVkYmEiLCJjbGFzc2lmeSI6IiIsImltYWdlIjoiaHR0cHM6Ly9pbWFnZWF3cy5wb3Bpbi5jYy9kaXNjb3ZlcnkvNDI3ZmFlNmFmOGNjYjE4M2Y3NmVlNzdiZDA5NmViODUuanBlZyIsImNsYXJpdHkiOjAuOTgsImFlc3RoZXRpYyI6MC45Mywic2FtcGxlX3RhZyI6InR3X2N2cl92MyIsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsInVybCI6Imh0dHBzOi8vd3d3Lm1vbmV5ZGouY29tL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHg%2FYT1kYjE0NGIxNS1iMDY5LTRhY2ItOTY2Ny01OGU5MTFiOGFjNjYiLCJsb2dpZCI6ImJlOGQ2Y2RhLWM4N2MtNGM5NC1iNDUzLTc3MjYyNmQyZjczMyIsInVpZCI6ImZjOTFkZmFlMjIxMDZlODgxYTIxNjE2NDU5MjEwMDc2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZjY1YmI1MzMtZTA4Ni00YjU1LWEwNjQtYTkxMzU5MmVhNzNiIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuS6rOWfjumKgOmBleWPjeS%2Fnemaquazle%2B8jOmBreiZlee9sOmNsDE4MOiQrOWFgyIsInRkX3VybCI6Imh0dHBzOi8vd3d3Lm1vbmV5ZGouY29tL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHg%2FYT1kYjE0NGIxNS1iMDY5LTRhY2ItOTY2Ny01OGU5MTFiOGFjNjYmIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Ind3dy5tb25leWRqLmNvbSIsInRkX3BhdGgiOiIva21kai9uZXdzL25ld3N2aWV3ZXIuYXNweCIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiZjY1YmI1MzMtZTA4Ni00YjU1LWEwNjQtYTkxMzU5MmVhNzNiIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuacgOaWsOmgreaineaWsOiBniIsImV4dHJhIjoiIiwiZnJ1aXRfc3R5bGUiOiIzIiwiYm94X3N0eWxlIjoiMzMzMzMzMzMzIiwicmVmZXJyZXJfcmVjb21tZW5kX3R5cGUiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&callback=TreasureJSONPCallback2

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Tue, 23 Mar 2021 01:26:54 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 299ms
298ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66&uid=fc91dfae22106e881a21616459210076&type=pc_imp&nid=5f913a2df686b633e61483c5&campaign=5d9aa01cf686b63e4c65dae4&media=www.moneydj.com&r5=cc_business&r6=eba7091199f78a4edc4a3fd1112f0c31&t=1616462813455&tz=tw
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Last-Modified: Tue, 10 Sep 2019 08:00:09 GMT
Server: nginx
ETag: "5d775809-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
303 B 299ms
297ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjMsIm5pZCI6IjVmOTEzYTJkZjY4NmI2MzNlNjE0ODNjNSIsImNhbXBhaWduIjoiNWQ5YWEwMWNmNjg2YjYzZTRjNjVkYWU0IiwidG9rZW4iOiJlYmE3MDkxMTk5Zjc4YTRlZGM0YTNmZDExMTJmMGMzMSIsInRpbWVzdGFtcCI6MTYxNjQ2MjgxMzQ1NSwicmVjb21tZW5kX3Bvc2l0aW9uIjo2LCJhZF9wb3NpdGlvbiI6MiwiY2hhbm5lbF9pZCI6InBjIiwiYzEiOjAuMDAxMzA2MTgwNjA5MTU1MTM4NSwiYzIiOjAuMDAxMDg5NjAxOCwidGl0bGUiOiLkuI3mgJXpoK3pq67mspLplbflj6rmgJXplbflpKrlpJrvvIHnlKjkuobml6XmnKzmqILlpKnpgKPnuow25bm0Tk8uMeeahOmkiumrrua2su+8jOWGjeS5n+S4jeaTlOW/g+emv+mgre+8gSIsInNhbXBsZSI6IiIsInZfZnJ1aXRfd29yZCI6IuaTlOW/gyzml6XmnKws5qiC5aSpLOmgremrrizlpKrlpJoiLCJpbWFnZV9oYXNoIjoiMzVmOGMwOTU4YjY2MzI1NTFmZGRiYTFiZWQzZDVkYmEiLCJjbGFzc2lmeSI6IiIsImltYWdlIjoiaHR0cHM6Ly9pbWFnZWF3cy5wb3Bpbi5jYy9kaXNjb3ZlcnkvNDI3ZmFlNmFmOGNjYjE4M2Y3NmVlNzdiZDA5NmViODUuanBlZyIsImNsYXJpdHkiOjAuOTgsImFlc3RoZXRpYyI6MC45Mywic2FtcGxlX3RhZyI6InR3X2N2cl92MyIsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsInVybCI6Imh0dHBzOi8vd3d3Lm1vbmV5ZGouY29tL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHg/YT1kYjE0NGIxNS1iMDY5LTRhY2ItOTY2Ny01OGU5MTFiOGFjNjYiLCJsb2dpZCI6ImJlOGQ2Y2RhLWM4N2MtNGM5NC1iNDUzLTc3MjYyNmQyZjczMyIsInVpZCI6ImZjOTFkZmFlMjIxMDZlODgxYTIxNjE2NDU5MjEwMDc2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZjY1YmI1MzMtZTA4Ni00YjU1LWEwNjQtYTkxMzU5MmVhNzNiIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuS6rOWfjumKgOmBleWPjeS/nemaquazle+8jOmBreiZlee9sOmNsDE4MOiQrOWFgyIsInRkX3VybCI6Imh0dHBzOi8vd3d3Lm1vbmV5ZGouY29tL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHg/YT1kYjE0NGIxNS1iMDY5LTRhY2ItOTY2Ny01OGU5MTFiOGFjNjYmIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Ind3dy5tb25leWRqLmNvbSIsInRkX3BhdGgiOiIva21kai9uZXdzL25ld3N2aWV3ZXIuYXNweCIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg5LjAuNDM4OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi5pyA5paw6aCt5qKd5paw6IGeIiwiZXh0cmEiOiIiLCJmcnVpdF9zdHlsZSI6IjMiLCJib3hfc3R5bGUiOiIzMzMzMzMzMzMiLCJyZWZlcnJlcl9yZWNvbW1lbmRfdHlwZSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1616462813468
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK ad
inrecsys.popin.cc/PopinService/Logs/ 0
101 B 319ms
307ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/ad?data=eyJ0ZF9jbGllbnRfaWQiOiJmNjViYjUzMy1lMDg2LTRiNTUtYTA2NC1hOTEzNTkyZWE3M2IiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLkuqzln47pioDpgZXlj43kv53pmqrms5XvvIzpga3omZXnvbDpjbAxODDokKzlhYMiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9ZGIxNDRiMTUtYjA2OS00YWNiLTk2NjctNThlOTExYjhhYzY2JiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoiMTk0Ljk5LjEwNS45OSIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiZGlzaF9jb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImtleSI6ImtleTE2MTY0NjI4MTAwNzgiLCJub3ciOjE2MTY0NjI4MTM0NjgsInVybCI6Imh0dHBzOi8vd3d3Lm1vbmV5ZGouY29tL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHg/YT1kYjE0NGIxNS1iMDY5LTRhY2ItOTY2Ny01OGU5MTFiOGFjNjYiLCJ1aWQiOiJmYzkxZGZhZTIyMTA2ZTg4MWEyMTYxNjQ1OTIxMDA3NiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6Ind3dy5tb25leWRqLmNvbSIsImRpc2hfY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJkaXNoX2RvbWFpbiI6Ind3dy5tb25leWRqLmNvbSIsInZfZGlzaF9sYWJlbHMiOiLngavngb3kv53pmqos5Li7566h5qmf6ZecLOmHkeeuoeacgyznr4fmlofnq6As6KeA5ris56uZLOebuOmXnCzmjqrmlr0s5qWt5YuZLOaDheW9oizmlLnlloQs6L6m55CGLOWFrOWRiizkuovlr6Ys5bCN5YWsLOaWh+eroCznh5/pgYss55yL6YGOLOiZleWIhizkuIvliJcs6aCQ6KiILOiqquaYjizos4foqIos6YGV6KaPLOS6iOS7pSzmjqHlj5Ys6KOc5q2jLOWKoOW8tyzoqIrmga8s55m854++LOS9j+WuhSzlvbHpn78s5qqi5p+lLOiIiOi2oyznmbznlJ8s6KaP5a6aLOS6i+mghSzlhazlj7gs57ay5Y+LLOmHkemhjSIsInZfZGlzaF90bGFiZWxzIjoi5L+d6Zqq5rOVLOS6rOWfjizomZXnvbAs6YGV5Y+NIiwibG9naWQiOiJiZThkNmNkYS1jODdjLTRjOTQtYjQ1My03NzI2MjZkMmY3MzMiLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwidHlwZSI6ImltcCIsInRpbWVfc2hvd19zZWNvbmRzIjozLCJuaWQiOiI1ZjkxM2EyZGY2ODZiNjMzZTYxNDgzYzUiLCJ0b2tlbiI6ImViYTcwOTExOTlmNzhhNGVkYzRhM2ZkMTExMmYwYzMxIiwidGltZXN0YW1wIjoxNjE2NDYyODEwMDc4LCJib3hfcG9zaXRpb24iOiJ0b3BfbGVmdCIsImNoYW5uZWxfaWQiOiJwYyIsImMyIjowLjAwMTA4OTYwMTgsInNhbXBsZV90YWciOiJ0d19jdnJfdjMiLCJmcnVpdF91c2VyaWQiOiJGaW5qaWEtcyIsImZydWl0X2NhbXBhaWduIjoiNWQ5YWEwMWNmNjg2YjYzZTRjNjVkYWU0IiwiZnJ1aXRfdGl0bGUiOiLkuI3mgJXpoK3pq67mspLplbflj6rmgJXplbflpKrlpJrvvIHnlKjkuobml6XmnKzmqILlpKnpgKPnuow25bm0Tk8uMeeahOmkiumrrua2su+8jOWGjeS5n+S4jeaTlOW/g+emv+mgre+8gSIsImZydWl0X2RvbWFpbiI6ImRhbmdkYW5nc2tpbi5jb20iLCJmcnVpdF9idXNpbmVzc190eXBlIjoiMTIiLCJ2X2ZydWl0X3dvcmQiOiLmk5Tlv4Ms5pel5pysLOaoguWkqSzpoK3pq64s5aSq5aSaIiwiaW1hZ2VfaGFzaCI6IjM1ZjhjMDk1OGI2NjMyNTUxZmRkYmExYmVkM2Q1ZGJhIiwiYWRfcG9zaXRpb24iOjIsInNhbXBsZSI6IiIsImNsYXNzaWZ5IjoiIiwiaW1hZ2UiOiJodHRwczovL2ltYWdlYXdzLnBvcGluLmNjL2Rpc2NvdmVyeS80MjdmYWU2YWY4Y2NiMTgzZjc2ZWU3N2JkMDk2ZWI4NS5qcGVnIiwiZnJ1aXRfaW1hZ2UiOiJodHRwczovL2ltYWdlYXdzLnBvcGluLmNjL2Rpc2NvdmVyeS80MjdmYWU2YWY4Y2NiMTgzZjc2ZWU3N2JkMDk2ZWI4NS5qcGVnIiwiY2xhcml0eSI6MC45OCwiYWVzdGhldGljIjowLjkzLCJmcnVpdF9zdHlsZSI6IjMiLCJib3hfc3R5bGUiOiIzMzMzMzMzMzMiLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Content-Length: 0
Content-Type: text/plain

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E9C6 143 B
219 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=7595289909%2F10623&adk=994438583&adf=816031646&pi=t.ma~as.7595289909%2F10623&w=300&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462811677&bpp=6&bdt=97&idt=523&shv=r20210318&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=23&ife=4&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462812&ga_hid=247836539&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=924&biw=1600&bih=1200&isw=300&ish=250&ifk=1566393387&scr_x=0&scr_y=0&eid=44737564%2C44737458%2C44739387&oid=3&pvsid=1387260170119057&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8zd4kv61zvd9&fsb=1&dtd=546
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlElRWCqo3Xvn-FDxDisTisAePfCAK6ycpxWyn17nWtDqs_j57sV-p1FH0vK6I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=7595289909%2F10623&adk=994438583&adf=816031646&pi=t.ma~as.7595289909%2F10623&w=300&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462811677&bpp=6&bdt=97&idt=523&shv=r20210318&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D1905dfc4667fa077%3AT%3D1616462808%3AS%3DALNI_MZW5xehmDUMxrUPOzyNdVMOsFzzCA&correlator=8746931251737&frm=23&ife=4&pv=2&ga_vid=982085864.1616462808&ga_sid=1616462812&ga_hid=247836539&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=924&biw=1600&bih=1200&isw=300&ish=250&ifk=1566393387&scr_x=0&scr_y=0&eid=44737564%2C44737458%2C44739387&oid=3&pvsid=1387260170119057&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8zd4kv61zvd9&fsb=1&dtd=546

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Mar 2021 01:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 213
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9FC8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb669c0dfc3977a0ed33c42d4ccee3b3e2b0c65a030f0308648068b1d1f91edf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 9FC8 0
48 B 41ms
40ms Other
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNjI3Z2hxe8CFZjyuwgdD3AN0A&gqi=3ENZYOe9DpHQgQevqbqABA&layout=/sadbundle/%24csp%253Der3%24/4289431202364580801/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 7EEF 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7EEF 107 B
123 B 17ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7EEF 329 B
414 B 77ms
76ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4383165667044898&correlator=1311440295488939&output=ldjh&impl=fifs&eid=31060316%2C31060517%2C31060521%2C21064366%2C31060367%2C31060398%2C31060434%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1616462813689&dlt=1616462812297&idt=1366&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=vmesri1i8ym&ifi=1&ifk=923963767&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fadx.doublemax.net%2F&top=https%3A%2F%2Fadx.doublemax.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=2086788899.1616462814&ga_sid=1616462814&ga_hid=1979365722&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

d3fc910b540884904c0bcff2ef8765666803612e940a6f900761d43a11defa00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
06d947f1240b16d180ec63c4e9605136.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7EEF 0
0 53ms
38ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://06d947f1240b16d180ec63c4e9605136.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7EEF 0
0 7ms
6ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A98E 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A98E 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 12:41:54 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A98E 186 KB
48 KB 49ms
18ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:53 GMT

GET
H3-Q050 200 300x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/ Frame A98E 56 KB
10 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/300x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4da3a779e79e6432ea996cd1a064704d26fe43421305b7795b87d21d3931a58d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 488292
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8583
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Wed, 17 Mar 2021 09:48:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 09:48:41 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EB8B 0
150 B 67ms
24ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.moneydj.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.moneydj.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1466
date: Tue, 23 Mar 2021 01:26:53 GMT
content-length: 0

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/ Frame 1812 12 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186319&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462812619&bpp=7&bdt=650&idt=494&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D1905dfc4667fa077-2249ac3e2ea7009a%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MahBPhDSo7VQ6H_CHpG5BP-DeeDSQ&correlator=8746931251737&frm=23&ife=4&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462813&ga_hid=1666568346&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1999&biw=1600&bih=1200&isw=728&ish=90&ifk=1145043360&scr_x=0&scr_y=0&eid=21068084%2C31060352%2C44737458%2C44739387&oid=3&pvsid=1098576869987498&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fxzicto512sb&btvi=1&fsb=1&dtd=533

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7883989b93490848688b646cdd92efc0278ca864eb458b8c723b6b6aa340446

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/17010147462245003352/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3725
date: Wed, 17 Mar 2021 17:27:16 GMT
expires: Thu, 17 Mar 2022 17:27:16 GMT
last-modified: Sat, 25 Apr 2020 11:59:28 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 460777
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame BC33 0
0 46ms
44ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkVyb3UNZYPTmCsen3gPks7WwCc6Lr8Jg37Ce65sL9ZKul_0aEAEg5-nACWCViriCyAegAem58ccCyAEJqQIpt1B77gi0PqgDAcgDSKoEiwJP0MLO-_BgXcVA1y3YLKMP5IDUfRO9giLBhDuqUdZH9LO4MFIdA27Hq-E1cOko-KbX6z001uVdSp_-8VgHn6_e5rAUt3j868k2FFoxzWXN7tf4qcy9gXGzXauKdQI80_4JsdHoTxEJf5VDq7mBWbAiNv93ke2YDBpb3BCLghFrZtHhZxcL42kCER1S3mfGPrep-znxTdgIZIdfkmAYAdiK4bgaPjrMaz3ovCQPJL9H64G8z7fKBuFjP7Dq2ohTLRIM0YuWtk2UVd6Z0kzkLQYqFQNy11Y2M8-78nyIfzdzzY0tJXhxPORNeJ-WTUTP8ButOQnORV5XoLF4scRpYm_mg9eVtipQZNVxxLDABO_e2K7vApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf_xY64AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCgnAzSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNzQ5MjMyMzc1ODIxMzk2NQ&sigh=h86a2Do3bpo&template_id=419&tpd=AGWhJmvutQfslTHuWyyGtso6rJ10IDSvexcr-rJ9EGl4uiKy1A

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186319&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462812619&bpp=7&bdt=650&idt=494&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D1905dfc4667fa077-2249ac3e2ea7009a%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MahBPhDSo7VQ6H_CHpG5BP-DeeDSQ&correlator=8746931251737&frm=23&ife=4&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462813&ga_hid=1666568346&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1999&biw=1600&bih=1200&isw=728&ish=90&ifk=1145043360&scr_x=0&scr_y=0&eid=21068084%2C31060352%2C44737458%2C44739387&oid=3&pvsid=1098576869987498&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fxzicto512sb&btvi=1&fsb=1&dtd=533
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 01:26:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame BC33 17 KB
7 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:25:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame BC33 2 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC33 117 KB
36 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:53 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame BC33 12 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:23:23 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame BC33 0
0 15ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0wqN42M9MVMXhfSngbNuxI-kKZqTHPj6-a5np50oAQ1sqrLKIBasEb0ffYRlGcdia1j3kD1c0Jfr7nQz1-Z90CpGmxA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186319&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462812619&bpp=7&bdt=650&idt=494&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D1905dfc4667fa077-2249ac3e2ea7009a%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MahBPhDSo7VQ6H_CHpG5BP-DeeDSQ&correlator=8746931251737&frm=23&ife=4&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462813&ga_hid=1666568346&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1999&biw=1600&bih=1200&isw=728&ish=90&ifk=1145043360&scr_x=0&scr_y=0&eid=21068084%2C31060352%2C44737458%2C44739387&oid=3&pvsid=1098576869987498&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fxzicto512sb&btvi=1&fsb=1&dtd=533
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 dpixel
cms.quantserve.com/ Frame AFA5 35 B
463 B 30ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGKzY4EbNJxRjlDyfS51-8c&google_cver=1&google_push=AQvitUJutueOTMpzZkUQeTOOGu3hybUyBkGyeqDEuL1pOldlMyqi3vGUcBlOBUO8ndhP7AjAMJYchX9QtxUBOvfKQfNsvuQE6sc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AFA5 0
227 B 164ms
57ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KyRi65M3ydkD4udzFaC0ClEUVyZrb9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 1 KB
2 KB 9ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/CTA.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2744fe747215e6a27c0eddb2b548eba36d35c5baa0a8b856ccf56a5c31d2ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 341663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1183
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Fri, 19 Mar 2021 02:32:30 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 02:32:30 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C17 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126597
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 0577 0
147 B 181ms
60ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=89522379464
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:53 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame C29B
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

38 KB
39 KB

12ms
12ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063f986cbacca9fd13b5f9f186d871d11658509fae78bf80a6ffc50f98ad09f5

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2360
content-length: 39237
cf-request-id: 08fe4a352a00004dfa38a78000000001
last-modified: Mon, 15 Mar 2021 04:23:22 GMT
server: cloudflare
etag: "604ee13a-9945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=21YifX0%2BRppIfNWxApk4OLLoS%2FUzNhyrQDqrU67gFiOUI2Xm2LRuzNQrPwIgEmdoikvC5OJ6fV8l6lq4OQ%2F6ACz%2Fs2tgnJWy%2FfPXvV4T5Tob%2B3N08qECBqhJOzI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6343dfcea9734dfa-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7EEF 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1213c28b8e253c06dfd16c545ddc2372579bc61fd5fc3922eead0e9c28e4777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6547
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B2A 0
0 84ms
84ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ7F-qP4hwQP57GkcYhbyl-vHDCn_lUEGj6AQy5D2fl8wDIxYXebpThtM73GFBnmmzl4uea6r_e-sU2yh8OZdrX61K22lzBD8EIudGfxYE2jLjboz5NJP4ZzxDOAxhToSezrbDVE6CJIJEXxW_IAJwjmEm685zmVSod7i2MnUAikOhqRsZOEVJPHjHoHZrC5AkNSxtTySa5rrFmG4BT_7haBh0pTkpQeDvVRWSXrkBVqw3lPYTGTwlvitoUZP5yo5GpSB8tuOaxFv09sD4joEDr5zYMDLhj45JaDEl1lPDDCGlB0aQzNCB6CR3QinUxoPJbMA&sig=Cg0ArKJSzPqIaFGRCAyWEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:26:54 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7B2A 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210318&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf672a4444d11394569fe2dadc82a3ea26b6c1570d247211920d4a3a1c8cb42d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6566
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0303 143 B
168 B 8ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186319&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462812619&bpp=7&bdt=650&idt=494&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D1905dfc4667fa077-2249ac3e2ea7009a%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MahBPhDSo7VQ6H_CHpG5BP-DeeDSQ&correlator=8746931251737&frm=23&ife=4&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462813&ga_hid=1666568346&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1999&biw=1600&bih=1200&isw=728&ish=90&ifk=1145043360&scr_x=0&scr_y=0&eid=21068084%2C31060352%2C44737458%2C44739387&oid=3&pvsid=1098576869987498&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fxzicto512sb&btvi=1&fsb=1&dtd=533
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlElRWCqo3Xvn-FDxDisTisAePfCAK6ycpxWyn17nWtDqs_j57sV-p1FH0vK6I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186319&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3Ddb144b15-b069-4acb-9667-58e911b8ac66%26&ea=0&flash=0&wgl=1&dt=1616462812619&bpp=7&bdt=650&idt=494&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D1905dfc4667fa077-2249ac3e2ea7009a%3AT%3D1616462812%3ART%3D1616462812%3AS%3DALNI_MahBPhDSo7VQ6H_CHpG5BP-DeeDSQ&correlator=8746931251737&frm=23&ife=4&pv=1&ga_vid=982085864.1616462808&ga_sid=1616462813&ga_hid=1666568346&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1999&biw=1600&bih=1200&isw=728&ish=90&ifk=1145043360&scr_x=0&scr_y=0&eid=21068084%2C31060352%2C44737458%2C44739387&oid=3&pvsid=1098576869987498&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fxzicto512sb&btvi=1&fsb=1&dtd=533

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Mar 2021 01:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 214
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7EEF 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:54 GMT

GET
DATA 200
OK truncated
/ Frame BC33 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc5b088711905cc44afcf733a89dfaa64385a22a05f267547982dfb801fb7cf5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 CTA_blanc.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/CTA_blanc.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eebf35211143c8364122917c63490e1f22a4ca895a8e50e1f3ab840943cbcec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 440647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1183
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Wed, 17 Mar 2021 23:02:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 23:02:47 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E9C6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
162 B

15ms
14ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlElRWCqo3Xvn-FDxDisTisAePfCAK6ycpxWyn17nWtDqs_j57sV-p1FH0vK6I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 01:26:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Mar-2021 02:26:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 01:26:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 01:26:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame BC33 0
23 B 41ms
41ms Other
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLTJlp6hxe8CFceTdwod5FkNlg&gqi=3UNZYNWeCquyx_AP5o-HqAM&layout=/sadbundle/%24csp%253Der3%24/17010147462245003352/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7B2A 17 KB
6 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:54 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 1812 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1812 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45900
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 12:41:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1812 2 KB
603 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4608ce05feace4b1b636463e65188e56c7b30b5ca261a70a3a567e9880f16ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:14:21 GMT
server: ESF
date: Tue, 23 Mar 2021 01:26:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 01:26:54 GMT

GET
H3-Q050 200 BST-Dinnerbuddy_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/ Frame 1812 39 KB
39 KB 7ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/BST-Dinnerbuddy_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24399d873a36277f26e7c16717a2bffc2b1b114e8f5ba7d3e005974843549b49

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 413024
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39636
x-xss-protection: 0
last-modified: Sat, 25 Apr 2020 11:59:28 GMT
server: sffe
date: Thu, 18 Mar 2021 06:43:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 06:43:10 GMT

GET
H3-Q050 200 Wein-Verkaufsanhaenger-Freigestellt-NEU_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/ Frame 1812 35 KB
35 KB 9ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/Wein-Verkaufsanhaenger-Freigestellt-NEU_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50eff3da787d341e9ccccca301bf605c62848b78ade155c8a2b3dce48b6e2c64

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35735
x-xss-protection: 0
last-modified: Sat, 25 Apr 2020 11:59:28 GMT
server: sffe
date: Sun, 21 Mar 2021 07:04:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 07:04:43 GMT

GET
H3-Q050 200 BST-Eisbuddy_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/ Frame 1812 39 KB
39 KB 16ms
15ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/BST-Eisbuddy_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3032fff752875a5501df39b2e1e7c12e2bf05e0e71cd6d73d52b0ff22f746ca5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 594812
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39748
x-xss-protection: 0
last-modified: Sat, 25 Apr 2020 11:59:28 GMT
server: sffe
date: Tue, 16 Mar 2021 04:13:22 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 04:13:22 GMT

GET
H3-Q050 200 logo-bst-klein_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/ Frame 1812 12 KB
12 KB 15ms
13ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/logo-bst-klein_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20bcafc14695138a78b87b2ad80fd92dd39d9973af5cc37a7b1bb01b670d6784

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 413023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11803
x-xss-protection: 0
last-modified: Sat, 25 Apr 2020 11:59:28 GMT
server: sffe
date: Thu, 18 Mar 2021 06:43:11 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 06:43:11 GMT

GET
H3-Q050 200 BST-bUTTON-05-05.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/ Frame 1812 1 KB
1 KB 17ms
16ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/BST-bUTTON-05-05.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17010147462245003352/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba705512917e5f4d7046601a2bddef6f96d85999f518695b9c55d620bddf3791

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1453
x-xss-protection: 0
last-modified: Sat, 25 Apr 2020 11:59:28 GMT
server: sffe
date: Sun, 21 Mar 2021 07:04:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 07:04:43 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame A98E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126598
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

POST
H2 200 ProxyBidV1.php Show response
proxy-bid.holmesmind.com/proxy_bid/ Frame 0577 0
234 B 464ms
335ms XHR
text/html 34.96.118.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-bid.holmesmind.com/proxy_bid/ProxyBidV1.php?z=10846&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2FTurn%2FCF-160X600_NewsLeftTop.html&n=846&o=1&d=1&b=2&ts=1&ii=2&tp=onead
Requested by: Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/onead_test.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.118.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://adx.doublemax.net
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 events
bidder.criteo.com/csm/ Frame 0577 0
147 B 63ms
60ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:54 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 0577 43 B
260 B 23ms
19ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 18 Mar 2022 01:26:54 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 0577 43 B
260 B 23ms
19ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 18 Mar 2022 01:26:54 GMT

GET
H3-Q050 200 keyart.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 26 KB
27 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/keyart.jpg

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96df509716909d34da46ba6cb3070b1c2728ab80696b33c5b3b8e1de5c39aab9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 225487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26327
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Sat, 20 Mar 2021 10:48:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 10:48:47 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame AC99 12 KB
5 KB 17ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10980
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 1812 19 KB
19 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 02:33:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:23 GMT
server: sffe
age: 341628
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19088
x-xss-protection: 0
expires: Sat, 19 Mar 2022 02:33:06 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 58B6 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10980
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK popup-close.gif
www.moneydj.com/funddj/ad/qk/images/ 1 KB
1 KB 252ms
249ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/funddj/ad/qk/images/popup-close.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: bf9fc023ec6b3b8c22ce8ef08b7514527360ae5f75578bdeded5d4b420dd773f

Request headers

Referer: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:53 GMT
Cache-Control: max-age=604800
Last-Modified: Mon, 05 Jan 2015 10:21:15 GMT
Accept-Ranges: bytes
Content-Length: 1229
Content-Type: image/gif

GET
H3-Q050 200 logo1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 1 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/logo1.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93145f73267d49fb0755c373ac2ce47a9e39866da0bf529443810b769d8d6b68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 555086
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1121
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Tue, 16 Mar 2021 15:15:28 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 15:15:28 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1FA6 0
0 84ms
83ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjQTrPqfE8W4nDKJ0WE_v-aYOUuK0D9jV4XprPtytUg9ccYCxZVr57m83KYv34EjWR_EuWMNa_V30Qx-lkmunQ7IZygmy0yBYZqWN0iuDZQGOVTsRUjIsPxd4Rs8251_9XHzE0cNyNKjB2Ng-XPK3GgPrMzHG7Q3GXVvU6aVjPDcEi95PWptJcuO2UNkGsWPMm0XDxlLd0hPhVCP4xMJGXM4p06GrvnpJxezYMe3-zeS3jxERLmOpNpxiisyTpP2jVZod6B54Dcg5QcM2O_RCBuicXyaGtJo1-YZ06jIKKA2lUx0CifTtTYtuc&sig=Cg0ArKJSzN7PNek2bbxFEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:26:54 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1FA6 9 KB
7 KB 23ms
23ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210318&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b292d95c6c9dbd48c715d5b8ed918340ee72afe6275f374ed457977600365d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6633
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0303
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

15ms
15ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlElRWCqo3Xvn-FDxDisTisAePfCAK6ycpxWyn17nWtDqs_j57sV-p1FH0vK6I; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 01:26:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Mar-2021 02:26:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 01:26:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 01:26:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1FA6 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:54 GMT

GET
H3-Q050 200 logo2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 1 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/logo2.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a74579fb64e402c0bf5ff5ab4c91a522f812ce8c082588e95e08d21eecc45b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 402534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1504
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Thu, 18 Mar 2021 09:38:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 09:38:00 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 0577 10 KB
3 KB 52ms
51ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=10846&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2FTurn%2FCF-160X600_NewsLeftTop.html&n=846&o=1&d=1&b=2&ts=1&ii=2&FPCK=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 Mar 2021 01:26:54 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-77-nzt-ray: Rxl5iV1Mu3Q=
age: 14
x-77-cache: HIT
x-cache: REVALIDATED
x-age: 605
content-encoding: br
x-77-nzt: AcO1ryzMtAjOXQIAAA==
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: CDN77-Turbo
etag: W/"84d8b1a745228113e60f5e62f0eff6d3"
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: x901oB6ko0Sa16zfE_v7bk6KMiehAgGrx75vTx6nBEDiuxcoFu05yQ==

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame C29B 975 B
535 B 10ms
10ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3408
cf-polished: origSize=1191
cf-request-id: 08fe4a355d00004dfa31b0d000000001
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tKP9N1XwQYvzZxNPgaT2g499XEiGOjWedbO26I2H2AoSaIU5iODmDzf4y85fqGYa7lqinQ0QNdwHhgXlUy0%2FecShLtAJq%2Bz8FEOUOKY%2BlA30dw7NfY3%2BdAVQ5xA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 6343dfcef9bf4dfa-FRA
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame C29B 46 B
495 B 457ms
153ms XHR
text/html 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 99d354be528372d292b260e77a7b1512c3b4d982b4b6e3b029f12b655c601ac5

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.doublemax.net
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame C29B 378 B
1 KB 506ms
209ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.doublemax.net&u=https%3A%2F%2Fwww.moneydj.com%2F&xr=1&adid=ad-AA7A84E7EB39B289F8D2962878379882&w=300&h=600&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.08983366849159946&ao=https%3A%2F%2Fwww.moneydj.com
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: c83806ab124918e7d513b5c1688eb33e72eb5123bfebf94c7351d9b96efda642

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
x-width: 300
x-height: 600
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://adx.doublemax.net
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-sspid: 47a278d2-74d2-34bd-9f44-33649e747c59
connection: close
access-control-allow-credentials: true
content-length: 378
x-adstyle: banner
x-adtype: html

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1812 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126598
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 tableau1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 21 KB
21 KB 7ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/tableau1.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b665aec587754215aca2c2e84218bef73ed2bb059fed084caef1df300a0008

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 226329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21091
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Sat, 20 Mar 2021 10:34:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 10:34:45 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame AC99 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126598
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD4E 0
0 84ms
83ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssf7mQXd9hUKU7Fa_LQJEUQAWmDLax71L-PVrUTsASe1k6rftFyHMKOI28lyHWcTc7Oldb3mEYZ4Ne_SG4XwLNuLW-z3ahGWoyA-A_vfUEvXO7Cj7cENy2oC8RfpmpmbE7XIdHuBqj-nw6pPl0o-fWSbv13MuvWik-sUlx3ekp-q41sAqz-G0DmmNmRcVN-LRb5t-lUQLTHRY0jGuT_1-aUh67CWsUDxEKcTcd0WYc4YSsrf-cMJ8GZ6Cy7IJ9yIX_5hV7zZTzGXyKJ5ZnxymGzuuXy17muHKbRzgjsdd2T2hSdUXHJg4s64tO-aw&sig=Cg0ArKJSzNWwNKabrhMIEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:26:54 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AD4E 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210318&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da6a8908492a3dc418066424dd0b88e44731cb73d15fbbaa7a43144160e66370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6510
x-xss-protection: 0

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9FC8 42 B
66 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXY8RIdgSqRI0HYn7f5tAQe-wmtutNAWMKAfuzPrSJQc9FNPnRqLusShya5cW9eE9mAtCCNikF5FgRuz9ElgnYxAT4sMxAVAZszn4zsnWz57kolw1U6wByWaqx2Q&sai=AMfl-YRUzzsk_ZVN1WMal-1g4hxnEKk8wwQvX7DNIOZskjuSTI8grOYjKfQwqWcc5UvENjYG0ugaAJffNQEoSubLfpZfiPs60IYDXYAOJr5L68b-Mvk4amUSr4mcoq4&sig=Cg0ArKJSzIlU24Uu2KsuEAE&cid=CAASF-RokrRRXijZxaWmvakVNPKolBTfSqGL&id=osdim&mcvt=1012&p=0,0,250,300&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20210322&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=994438583&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616462812231&dlt=553&rpt=528&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 58B6 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126598
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 tableau2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 32 KB
32 KB 7ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/tableau2.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc8904cf494c040131cf5c61ed0ee8b3af200a356ea113a3e54a4d7c798159d3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 8709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32960
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Mon, 22 Mar 2021 23:01:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 23:01:45 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 874F 0
111 B 41ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210318&jk=3014727783491532&bg=!iIuli8_NAAbUo7L91KM7ACkAdvg8WkbnLAdQu_GZRBpoc5MIuY-UDJNNnxukDlEZWeruOkNm0GpVJwIAAAT9UgAAAB9oAQcKAIBeulrPQhJpXH0jX64GZlTmDpOrOs1s_Neo4IJDlSURsGt75aXaqyzcUU1jiHFJOXNLv9fy8Zn0W1EdQivRBf6rMHvuCcW01jABRqNd7rXNb7o3Z-dp48GzzMA-in6TKDJ5muzlhgwTJ15I27UnxI6ikziqxgVD0HIoSCPdM8O_opkCGbFoByzUzLGwSscv1qSDiBLTixsGJ5lQtbiLO6njhrRcNh4JlyPyR8BZhi7rGNeWKUJ3327sBL4pj2zm4UxHCzfwxOG9T4SAxyLi2YhBTzlJpmzGVPPu_VmE_TExXLFpKUCUJSplmA-9-okk-Ei0YxRLOanMR-EGsST5D1tj2jO84VU7rordQX_W_ou4xtSibCKwErdBAYpVL8hXvq5Q1rF_1ygLN0D0jvM-NKZ1LFuNsVHfhY374Vl2tcSEXfu9MXj3txznA0HPZo-ESDxszEjtwHDAZ8tZRQ1ExPeJ7jYHmtL9qRMmWqXcK6XUcPunXQGQpkSDli2VEgIqNeY4bZsnqxijspu9bGKqk7P7hITfyj82YYns7UNidKUkOqiyo8WPgduy4Shp4_49TYFN1bEUftSr74A_iz_QthVISDeZAjRnhm_EUObMromsoUEcyUx--9tkxzRiNPR4pSRKsA6m5IPlnXNGLFbU164vpU6JP3b0ARY6HeltL4-5BOZ0VoPLTSj1o76xVEBib54NpgvxI8zEsyBqypOBm0L817YUwnZ0OmwPTzpL7h8y78-wTdXHIvp3AFvl_493G0eI10YUbqkEa9x_BWCQACvxbX5B12ep4w3837HEhq8B5bAm8PLX_q_E7qRRoq_tKiw-TiKsG6wzsVkff73VnyoanS6Pw7LdFXm-HIYLdkNHrt6SVe4RBY6Iw9RVsg

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6112 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10980
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AD4E 17 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:54 GMT

GET
H2 200 tableau3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 13 KB
13 KB 7ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/tableau3.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aeceef378724433f1a66549d593a39a79cf997c78cbde925187be550d58ee68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 515572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13398
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Wed, 17 Mar 2021 02:14:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 02:14:02 GMT

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame C151 0
221 B 1083ms
437ms Image
text/html 3.114.172.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5%26SID%3D20694%26Tags%3D2008%2C2007%2C2003%2C2002%2C2001
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.172.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame C151 0
220 B 1211ms
565ms Image
text/html 3.114.172.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5%26SID%3D26257%26Tags%3D2544%2C2545%2C2546%2C2547%2C2548
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.172.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame C151 0
220 B 1211ms
565ms Image
text/html 3.114.172.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5%26SID%3D26922%26Tags%3D2136%2C2135%2C2134%2C2236%2C2237%2C2238%2C2239%2C2240%2C2241%2C2242%2C2243%2C2900
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.172.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame C151 0
220 B 1092ms
447ms Image
text/html 3.114.172.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5%26SID%3D27099%26Tags%3D2083%2C2329%2C2331%2C2332%2C2608%2C2330
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.172.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame C151 0
220 B 1091ms
446ms Image
text/html 3.114.172.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5%26SID%3D27100%26Tags%3D3225%2C3226%2C2182%2C2181
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.172.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame C151 0
220 B 1090ms
445ms Image
text/html 3.114.172.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5%26SID%3D25299%26Tags%3D2008%2C2007%2C2002%2C2001
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.172.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 tableau4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 23 KB
24 KB 11ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/tableau4.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c80da8eb6e9150d66697643e8d59db022fd32060461f75d428bf63687c5b38de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 321987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23527
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Fri, 19 Mar 2021 08:00:27 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 08:00:27 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 80C3 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10980
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 txt1_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 476 B
559 B 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt1_1.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dd6350825500b6c6cd37e595e90cfbde94471edb412b60765d86b1e238aa6c8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 324597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Fri, 19 Mar 2021 07:16:57 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 07:16:57 GMT

GET
H2 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6112 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126598
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 txt1_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 600 B
682 B 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt1_2.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa42c00f4e7bda83e89b338ec4aa0d511f6c0148264743615cca2477357dd08b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 225607
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Sat, 20 Mar 2021 10:46:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 10:46:47 GMT

GET
H3-Q050 200 txt1_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 873 B
956 B 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt1_3.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65cb276688e651b73730817cf765a5ff0dcf7e6d4bfde56a300049a80bb531dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 440648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 873
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Wed, 17 Mar 2021 23:02:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 23:02:46 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 80C3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126598
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt2.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aa0cbcb88af656c2d1c38409d4e76618fdef545d6612cf9689ff688fa7f5525

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 440647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1216
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Wed, 17 Mar 2021 23:02:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 23:02:47 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E98 42 B
66 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvNTbQQ2P3SrcpmEf7c-CR_JOkNqk_C94zp6E_i1H4-DXpCzaj1veUJdDZ-Jg2xWP4O-1sZOUavTuTCYBxHDXO2850vj8LncG9fipYpQAL6e556stCvnObkWZGtQ&sai=AMfl-YS52us1uT-sPK3DD7K0Dgf1WDigyhOxF6MNuUcM3prDmOZMYHuLWcQq8kksJcWOumxUU8_QgcPPItGo6J90i-vxF_2b17caNpsHEF3rO01PJFKmtCpcpeLS6-g&sig=Cg0ArKJSzEETIK1eg5c4EAE&cid=CAASF-Rocxs2YwcZHslsx7qK4fi5R7Sf0fk8&id=osdim&mcvt=1031&p=253,987,503,1287&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20210319&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2064055290&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616462811903&dlt=675&rpt=3&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 1 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt3.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

572e29bba4425be2b621a357ce43f5388bbc52f4e23ce145cc71a530ccc8ae7a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 8709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1273
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Mon, 22 Mar 2021 23:01:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 23:01:46 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B2A 42 B
89 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-sjAr6SA7UMPS3-cNSkfnJgJLoj8LK8R-PrhixZodbm5D_f_IMflWmkA9qcsMKeFv9q1J0zDcW37V4v4q1Fqe3mitG2UR5h7BkN23sIw&sig=Cg0ArKJSzFurPwcgJE8zEAE&id=osdim&mcvt=1028&p=924,987,1174,1287&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20210319&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1452853795&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1616462811583&dlt=0&rpt=226&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 5D65 807 B
710 B 12ms
11ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
content-type: text/html
set-cookie: __cfduid=d4cc5afd521abe6266474f2eba96982e91616462815; expires=Thu, 22-Apr-21 01:26:55 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 3257
cf-request-id: 08fe4a374700004dfacbb46000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1cZnUEMx9jlzLhyUNIyg0XTOvCwaNirTW7wDpg43HsZ31idFU%2BkeieWx2S1XtH61F8UMQayMagGVN7olqxonur9Smf%2Fr78C%2F7%2Bp2w2bBr4yi1E535ZyGmQkyi3s%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6343dfd20c6e4dfa-FRA
content-encoding: br

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame C29B 35 B
266 B 420ms
141ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:55 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3-Q050 200 txt4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame A98E 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt4.png

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac5b62e1eede76e411958a7768e2b6e18dd5b07968bd8e5eda42e73d81623ed8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 225303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1362
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Sat, 20 Mar 2021 10:51:52 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 10:51:52 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame B5C6 6 KB
2 KB 32ms
31ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 47cca155305638f12c5e191dc08aeb4253b62263fab7f3ac49bdc3002dc661e0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
x-77-nzt-ray: /bTDPMHPdeE=
age: 31
x-77-cache: HIT
x-cache: HIT
x-age: 422
content-encoding: br
x-77-nzt: AcO1ryw17KXvpgEAAA==
last-modified: Tue, 16 Mar 2021 09:35:51 GMT
server: CDN77-Turbo
etag: W/"fcc536473734c006770cfb309e523fb4"
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: udRT0Qc7bZ7Oopcb4lQ7r6JXnqis1-7nDrH-ejeclJ-S4Sd9V7m-jw==
expires: Tue, 23 Mar 2021 01:29:53 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5D65 57 KB
19 KB 54ms
53ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

30c7838ad532a87c087f43172712eb4e3a993b19433a0660ea6f630e243c6af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 127 of 1000 / last-modified: 1616451005"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19749
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:55 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EEF 0
46 B 43ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031701&jk=4383165667044898&bg=!p6SlpODNAAbUo7L91KM7ACkAdvg8WsfRmVLA2aFx8Zsg5Plk72OJIlRk9uw_Tn09iT6A_mSXvmFxEAIAAAFPUgAAAExoAQcKALTSk0OxD-afVYArkgytAnvtzRIkiS7oQFwb-aYs4ph7AuLJRYFz8pwLwzEkPXH9-_YBYgSuvl8wHZRYqLB4jf6wiEikoB06Z7GbZNxuQnTJgEMEbW_SL7ZrUo9vAsxdQQBWT4Adg8P7UOGeoa9-Dtd_426KqrEOkeQHBTokFmyZQDg1c2KVmRUA4jKYfF1Q6yCSMh1eISsb86Y54fCfi64R7dms3uFnsZKMpWzRs2Frig7EhfaZAkQPLMuRFFx3Gttlm-OdJySL6puLWNnamjkDGVmeXgFH7Dy-ef9c-945zSTDKDVijkMWEZTsZ5XHMGOPdIEKZE0qaVyV9Zq0YOeyr7KACCyaAXe3-kp-A_WtHDHshBgSohnAQ30PaQFlff2zY2LtA9eQG9coVFFRSnxENfbVTfZwls5O9UWM9fmn9ACutx4B1nwD7UT_ToyTraUueaDZg0hLU9vG9fGdkcW-X7SXR2oHe3JK_nXLb1PnZR2k_fejR67YtIsWm2ONNbiq8NmX7nb8KWSc5UqTyzbeURt-84zkdTowUQYrG9XLmhFSsHzVy54be1cRdFSwDAMKcu4UmX1rQruBuTiqvu1xrBJaBRNqqbU_RtMN3LHf7-IqWZQf5xG-wZWZ6h4pamtFPCCMlPGjRsEU20mg2n772BQS4PRBsqR5Hg1Xht3xZj8jHotnmuh3OVPdkEFuWQZ-ZkX2jGqRkYHiKtlajkm7SazGT7s9hQgumn7FEGnuTKryQ6sqSYofD28E6mRiLtkTvs2FrzvrxgqNn07iG5hepdmYxRcvJxojBksxPDmt6C9yW6jwvh7vDSfjxUq40Kmqgr2xdo3jfwYbcy8cop0LgKOWb93cqZnuGi-kpXGfm1hYrmmaUMd0STz0ZjC5ZTVSdQjxTy_c-avo8vV34eSEUVwmihPNXKgqZj_4MFNaYxapMiLB32TkXFRydU0S4LLsqSUFvdySFUtm2eFJaV07GXa_tfIGENn1Pnt6ShiMtWwwgJ1ncVifDNh6

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame 37D9 332 B
450 B 9152ms
9151ms Document
text/html 34.95.67.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

:method: GET
:authority: fcm.holmesmind.com
:scheme: https
:path: /cm.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 332
date: Tue, 23 Mar 2021 01:27:04 GMT
alt-svc: clear

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame A424 6 KB
2 KB 32ms
32ms Document
text/html 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4d923d819ca2ff5b300761f494357861e57fa2f1ce9a9e1597147196887452ee

Request headers

:method: GET
:authority: cdn.holmesmind.com
:scheme: https
:path: /js/capmapping.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
content-type: text/html
last-modified: Fri, 12 Mar 2021 02:32:17 GMT
etag: W/"eafbd15dcbf67ea2b8cfadd2d92f78f8"
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: H4EetJvtOmBef3PDfXb-F8VagPcVQhuOsuXPPLzlRmAXif3ajh_rAA==
expires: Tue, 23 Mar 2021 01:36:02 GMT
server: CDN77-Turbo
x-77-nzt: AcO1ryx/EFbvNQAAAA==
x-77-nzt-ray: jzKjZ1MmI0c=
x-cache: HIT
x-age: 53
x-77-pop: frankfurtDE
x-77-cache: HIT
content-encoding: br

GET
H2 200 edmp_init.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame B5C6 662 B
755 B 337ms
336ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 3ebb4b474894184bf142b058d305720d.cloudfront.net (CloudFront)
x-77-nzt-ray: fWQyf4LeJBY=
age: 2
x-77-cache: HIT
x-cache: HIT
x-age: 332
content-encoding: br
x-request-id: 4f416338e9bedb037f917811deca97bb
x-77-nzt: AVQROQoRb8HvTAEAAA==
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: HiNetCDN/2012
etag: W/"f58f8a90686f8ffb3325107e8a788b71"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: HKG60-C1
x-amz-cf-id: EjcgqwFoYlWPbeM1AYhHJYUwLJ7682ffdSZ9UFSOE7nN9nLxm49Nag==
expires: Tue, 23 Mar 2021 01:26:42 GMT

GET
H2 200 google_mapping_init.js Show response
cdn.holmesmind.com/js/ Frame B5C6 5 KB
2 KB 32ms
31ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/google_mapping_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f0f9d12ccb4d71455e76a3f7a47dbf3874b4e96c54219d7c3756affcc40d770f

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
x-77-nzt-ray: ntd3KNu5nPk=
age: 43
x-77-cache: HIT
x-cache: HIT
x-age: 88
content-encoding: br
x-77-nzt: AcO1ryxJhv/vWAAAAA==
last-modified: Mon, 15 Mar 2021 05:11:36 GMT
server: CDN77-Turbo
etag: W/"ecc7750ee9369dfb2865df8de920fc09"
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ljSYoLbFhwgOUyw3UrX8RPElOpEUc5ogTaN4W6GSxNS5OKvn4jAChw==
expires: Tue, 23 Mar 2021 01:35:27 GMT

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 8FBC 3 KB
1 KB 35ms
33ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 38d90211619a4572e2b5d01f2804f3d7d5143bd95d3a77520233389273d18216

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-77-nzt-ray: 3n7kHMNPwys=
x-amz-cf-pop: FRA53-C1
x-77-cache: HIT
x-cache: HIT
x-age: 3
content-encoding: br
x-77-nzt: AcO1ryz3EzzvAwAAAA==
last-modified: Tue, 16 Mar 2021 02:06:23 GMT
server: CDN77-Turbo
etag: W/"fbb982d82fc3909ad8df88b7320297f0"
content-type: application/javascript
x-amz-cf-id: g-vBX8xl5Y07WvhwzXV3vlKtokq04bQsb1BZbrSdHPo0DjoVxV4Ydw==
expires: Tue, 23 Mar 2021 01:36:52 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame B5C6
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
509 B

158ms
157ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B2A 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210318&jk=1387260170119057&bg=!09Cl0JTNAAbUo7L91KM7ACkAdvg8WgusBbnbU_gHUxPcwPByq64R-5-GKxA3wTwr_wVBMkL8K7gQSwIAAAFUUgAAAFFoAQcKAFwPVEZF50Fu-b8BEZEMCtbLIgH3HpD3h3mkZeAa6IZXfJEAHuLk7h0Uy6MQAoGTyXX6RtpaHxCam9FFOJ37SaBepYAX3E-C_BkqASvrQbwnH8IKRIYSZoMKd2ORl5kB8SSS9-WQQHSCx8mp9Hypi7JrhjV_Bec5I8SL8NPV0r7JP3reGswAxTQIVK5pQ0KkoVWiqVK6_8UWU0-3LPEcyhFkbdNJLKfsJb4_MrXAaarcKVozAM16H871s6IX2Lk25IO1SrRCdGDCmYWZD92rhhxw9mXBYR7u8ynZF2Dq17qYov7L54CWdAymeUk3LhvSwd7vTXPjUa-PRUY2JRvc7P4Y0R0AQLBZOsaay5woypc_i6fBeFRoa8Ia0RjjLmRc1CmVRwrvY7pwUJGgwe9j-diw9PPBKj6SobhQM6ZllsO02ugNKrUI-7F-ACF9dYwje-REFjB3FMZ8DoQErc9zhARwLyzKoiguuyuvIHQtAjklp3A8vuAMrnoMsxFumuxs_LxB9Fb_wXqgG5CwXmKrN4doX5jfTw0ElYJ5TL5hDhBL7Q3xXhR-jzK6FA1VVIhdQsZYm-sYLxgNIyXmqnQBkvZsYcVydUsxkuqRzEJ7pFzpvPOS5TUH2Of2OC_j8n-CPWyNF5rSMut9xH4ap4QmNAUUgpm9SEIBCHF3R6I2WvFGFSn-ZkEPdXBEYRPvn-N2pjLYKhWFmndOrDKX-_1fq4wguoXH_9yb_gk2dTVm_vxGNQ9c4JOKyWrFYdirdheHAPXLuEiFZABM4CKpPnrrBCbS

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021031701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5D65 285 KB
100 KB 56ms
56ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 08:39:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102424
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:55 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 8FBC 697 B
695 B 9ms
9ms Script
text/html 2600:9000:211e:e000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=10624
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9095791fc7dbea3f0c0125a66b776dc5d85a06304a79abddc878ebd9699cbde6

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:21:54 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 301
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: tY_uRz-QI7g00tySto_UrMPMbEW3qfzmsI-G6sBHvOR9a8wdUJ5VgA==
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)

GET
H2

200

cm
c.holmesmind.com/ Frame A424
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
49 B

156ms
155ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H2 200 2.js Show response
banner-cfnetwork.cdn.hinet.net/js/tmp2/ Frame 0577 857 B
730 B 340ms
333ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/tmp2/2.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: 24af08111a4eaa7af9b691d2b36e4c2bf2290edba765e02151da03ab7b88c0c3

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 f38a78a2a0484ca72b698f4e2dc320f3.cloudfront.net (CloudFront)
x-77-nzt-ray: uvOCLlipnA4=
age: 19
x-77-cache: HIT
x-cache: HIT
x-age: 474
content-encoding: br
x-request-id: f802b9414456a01f4f94213a12ae3777
x-77-nzt: AVQROQZu5a7v2gEAAA==
last-modified: Wed, 06 Dec 2017 07:54:25 GMT
server: HiNetCDN/2012
etag: W/"e24f4884d54f334d7fc409cffb3b15b1"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: HKG60-C1
x-amz-cf-id: 1-E9Np2HlwFgzCGw0ELwc-S3nE_i88x1Yf05gmCU_RN-NOxJbpQwBg==
expires: Tue, 23 Mar 2021 01:26:06 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 8FBC 3 KB
1 KB 351ms
348ms Script
text/html 3.113.254.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=10624&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2FTurn%2FCF-300x600_NewsRightDown.html&n=417&o=1&d=1&b=2&ts=1&ii=2&FPCK=
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.254.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a75cee02f6ac08018e9e989531414f8e2797f671779d05d938487b851b607530

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 8FBC 3 KB
1 KB 337ms
334ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 fdf96859c8a26606c28f770011e1fdeb.cloudfront.net (CloudFront)
x-77-nzt-ray: y2yqISH0CHo=
x-amz-cf-pop: HKG60-C1
x-77-cache: HIT
x-cache: HIT
x-age: 268
content-encoding: br
x-request-id: ba5f999d68016eb991231eda73387931
x-77-nzt: AVQROQpMX+LvDAEAAA==
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: HiNetCDN/2012
etag: W/"6a605eea47197fa280f27aaf1fa1521d"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: QZtbON_ZHZ0NgYLEwA8QLNso1K_m0WH332NpbW-w3aEDKGoMiNMAaA==
expires: Tue, 23 Mar 2021 01:31:14 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 8FBC 114 KB
37 KB 17ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:29 GMT
server: nginx
etag: W/"605322dd-1c9d1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 01:26:55 GMT

GET
H2 200 criteoV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 8FBC 2 KB
1 KB 337ms
335ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 115fcb38413899b63e42dac85a21d414.cloudfront.net (CloudFront)
x-77-nzt-ray: VlKKn8jbBLA=
x-amz-cf-pop: HKG60-C1
x-77-cache: HIT
x-cache: HIT
x-age: 78
content-encoding: br
x-request-id: e6a9fdc881a0dd87ae40bfa06d6cdc40
x-77-nzt: AVQROQIvMEbvTgAAAA==
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: HiNetCDN/2012
etag: W/"e8f33fcb581483ced4a09b3c8e7550e4"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: kc-qNFwpG5bbFfxO8N3KX7GORJSpn7eh0xg8xPVxCxXoe1oSRe3K2g==
expires: Tue, 23 Mar 2021 01:33:45 GMT

GET
H2 200 bridgewellV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 8FBC 14 KB
5 KB 338ms
336ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: 879a086bdc28d12fcb578a7eec6e27553a62c049d51577f3e8633246cee08627

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 472637409b8ae00cf91bae609bb7b3ae.cloudfront.net (CloudFront)
x-77-nzt-ray: Z68GetM4bEk=
x-amz-cf-pop: HKG60-C1
x-77-cache: HIT
x-cache: HIT
x-age: 521
content-encoding: br
x-request-id: d3ef75437371b9195e09657372ed14ad
x-77-nzt: AVQROQJvNzXvCQIAAA==
last-modified: Wed, 16 Dec 2020 09:31:55 GMT
server: HiNetCDN/2012
etag: W/"d7d2964abc57ee2b2489284fe2ac32b3"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: sDcVSejsaSRYg83R-JpjZRLnX4unLGjsyRa0h9f1_ijIp91ru7PMsQ==
expires: Tue, 23 Mar 2021 01:25:52 GMT

GET
H2 200 appierV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 8FBC 3 KB
1 KB 342ms
341ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 3ea7dec9ae91ed3e4cc2a65d3613ed52.cloudfront.net (CloudFront)
x-77-nzt-ray: NfIagm3mCI8=
age: 39
x-77-cache: HIT
x-cache: HIT
x-age: 381
content-encoding: br
x-request-id: f08a4b43c3b0663af2ab687cac904bd2
x-77-nzt: AVQROQZjRAvvfQEAAA==
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: HiNetCDN/2012
etag: W/"548ed610a8571343fb3022f543174735"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: HKG60-C1
x-amz-cf-id: sx89KaXbuTlygxpQ5b2aG1Fne1pSR_RO-ccUqamWr_2qpiviR1fOLw==
expires: Tue, 23 Mar 2021 01:27:43 GMT

GET
H2 200 appier_mainV3.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 8FBC 3 KB
1 KB 343ms
341ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: f443a34f019986fc0949e5f4993c6f400337ba74f296ece6fc7e667fd411f92c

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 236735b52059949e1df9130ff0e7ce4e.cloudfront.net (CloudFront)
x-77-nzt-ray: uj1zAE5Xjzw=
age: 8
x-77-cache: HIT
x-cache: HIT
x-age: 530
content-encoding: br
x-request-id: 5b68cff0195e86241acafee3c79c743e
x-77-nzt: AVQROQLGQ9rvEgIAAA==
last-modified: Mon, 01 Feb 2021 03:25:47 GMT
server: HiNetCDN/2012
etag: W/"2dd28f3fa27f42668b8859c537099414"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: HKG60-C1
x-amz-cf-id: X8Jsj01Oza640FcsrT3kj1XimCWQxqcgEL2uzLJ043skJPwT_6DhbQ==
expires: Tue, 23 Mar 2021 01:26:33 GMT

GET
H2 200 onead_test.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 8FBC 1 KB
917 B 335ms
333ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/onead_test.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: 203053ec63eacb1c5bf88ded535e2051bda04569ef926e19647cf2bfd9b0ca69

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 3ebb4b474894184bf142b058d305720d.cloudfront.net (CloudFront)
x-77-nzt-ray: OiQF+zWRdOU=
age: 58
x-77-cache: HIT
x-cache: HIT
x-age: 107
content-encoding: br
x-request-id: 3c9531b60117b7529b3e5997aeaf5b4a
x-77-nzt: AVQROQY2tpXvawAAAA==
last-modified: Fri, 16 Oct 2020 09:58:11 GMT
server: HiNetCDN/2012
etag: W/"cc3c7b48faa78743733e2f5433e396b2"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: HKG60-C1
x-amz-cf-id: 48ahHqBLw4QnvaH4TEBaEjKo4SHqNfUkZLHIzIdi1YtFa2QDj19FMQ==
expires: Tue, 23 Mar 2021 01:34:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 5D65 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5D65 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5D65 330 B
523 B 73ms
72ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3366160374087310&correlator=1307443593534637&output=ldjh&impl=fifs&eid=31060473%2C31060502%2C31060520%2C31060367%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1616462815440&dlt=1616462815082&idt=336&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=40ckpktekc4w&ifi=1&ifk=923963767&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fadx.doublemax.net%2F&top=https%3A%2F%2Fadx.doublemax.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=2005545625.1616462815&ga_sid=1616462815&ga_hid=2112459369&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2796282cad6bdbc63c7704e9ff416cf31e1264c3ed58ec9b2d36ea243f2cb612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
82b6c065a3211eefc7d2b0e048c2ac68.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5D65 0
0 74ms
38ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://82b6c065a3211eefc7d2b0e048c2ac68.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5D65 0
0 6ms
6ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 41C8 0
150 B 22ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.moneydj.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.moneydj.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1412
date: Tue, 23 Mar 2021 01:26:55 GMT
content-length: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FA6 0
23 B 65ms
65ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210318&jk=1098576869987498&bg=!PzylPHjNAAbUo7L91KM7ACkAdvg8Wku4ifdevUr7gYzNR1LJFGGB02RVPDZaIPYk3mdzTCHOeHZAjAIAAAHfUgAAAE5oAQcKAUbZ21Xt-3jjPNBCwn1Y07sidbFFtd7QoKoH8JOIJg5475t7ypm4bq6zbJmGXqA3l9JgPNgyE78YEojZ9YVgDI0iBYUgR-Ydz1IeJJKu5JLhJhU7dZzz8FjpmspQ7gWtmytrMc5j0uvhSkbzmacRH09SwE1rBeSVdZc-21WYZiRm3KstoMVNlzUbo7PmeTds6SGcIKCo-hNK5iJaaBeZDVNBqJZUd_qwydf2GIB_WnAcg43x9tMAMBLfY1tHm7UhipondnPf-N0iBBAo8YkVKwYzTr0YXW9V4z3FpgsXw-6je7oWX96Zq62Lmvix0qep412oSHdvjoFBpGqS2uVQiDj7MRThwt2GoMQTB7JfyujfltdfSQiS8GPY2W1PTmbn8d9pswxUj-ect7EQVRYXMepfO9sN6ZzrK5vf4d9GpYTvY5BK-zekOZkCAd86lFGMk2ra2O45y1IeCSwkRlJstLmrt1H_yhUMYeVatIrOd82nfhZcuvx1cLcXTrPLHy-Rw4rbzlBVJnhpflPbExMSd2SMAjsI-jm0x2wnpneGfW10TC1zqnbdz08T532caYmzY4za_pByaPm1nW3giwo4ZDJE6gz48VFrT6XwwziYZsls-GFFWfdYZzIGNOHpOErl8wZI0GySPwgowny8WtEsxKZwFjWkyYCzRG6eeonYN7umBmZrX2f1A2QLgCrxzJIKSCkhvW-Owdtuk0E5CCKc824qr-EnD_mD92zBcSNRAmYWtgffxeuoD9uX7sLGpujmgv2_2MDRjY9UHJOxSPNN9dwANk5ciiQDM8F9ptfkiybDq9urKI2QaMOOJFLKTzDusWK0ScGQPn2CBDOxVcP3NaLa1_Vuby-hgfKmYZhTtCdjXa-01vZiPyAjoI3e0QLkhX_yGcGeARVuKbfBUT3Z5E6z2jKmgXeQUastBA6iZ8rrv1X8nKQ_8IuKxm5KKQLVp3rzyvB_8lLRMZLvSccwwIYypaspBqaG9EZymilmkEU9G3HGvwQhNMQ48a_t9s-tN4iYVlIGGQFYWJyYNUQsjlavpHU-LHN95OBjBPg2i4gGp_KlcPX6RkP_1IUPnQd8BR-jxtBOJ-sZK3tzo8kklZK0i-AQhsL5z7ML5w

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD4E 0
23 B 58ms
58ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210318&jk=1674222943023338&bg=!Q0ClQATNAAbUo7L91KM7ACkAdvg8WuvLd0R1DzZ_VxF91YGUNEaCAe4vG3zFI3PPwb6BzHKEPwhcUwIAAAG0UgAAAB9oAQcKAJCjXrzsi45hIJsw0MGQgKQvZqyWGxzUL4dUc-3yrMTl3MGeguXK0HqPvfWtNmJflH4sXQw9k9XDthKgxjFBPBXPmsot_ZKkRXto46rDLLn5MojZTNA3sDDwyG3fUAdZsAamuQyOTNZSC4Vhxo2QTH4oE6QIX04HtPdpMH2OvBrDxovJFQEHkoSj0pEGGfcASMWZAe1c9lSW0DsO90D-tUrAuzMWSDTQtCn81mjQWSUDdi7SO2nwE4NrRoMGgW-bwCgsJlW3Lhwjpyv0vqQiNh7q6F94lfiCKwkUEZvDN3O82opA8ZKh8LYbzDB5CKz4nrxOXOshiC63gVkzOmSqjYMcUEwkySDh4tZ6tDmh3VukVjHaCZHRNaMrSSkFa5kOy1iILjCSjmUCUipru0CjcJTXKdtBbhp3QAZDTL3VIhxXPcSZSLx_zgu5eD75QBj_Y1cfuIHoPICbNVQRplw5LHNhIw96QLUIMJoAh0YWrdr8cpceumEQSQViEbZSfkZI0hKte4oi7CtS80l1LMUuvtzps9bFXfrM3sCgh7zxngTl5487s25ZBbrgkTjNu0fJvw5ILPUDLag4qnDTtrhAJZQhz-nHKpLLlKmq6uNhfx1qkyRVTjj8ofJfFGqan_3kAJd7tFU0pTqxttpsZJsXISshxbtQR9mYSGlC7tM96aJnLQLIV9Da2qhVwPlS_d3anCCBwxTsjnxk-OaqIz5Q4_0PwYQ8ahavG3ivmMi6-nPaJIL3F-4Jw7z0pSlL5BRYCVzsXfYUvWWhxWhJzTOlOzHLSaFF--obEhuiRZNFwuEGin0FMP9aHmLEYKDp6hS5cAEpA1pu0hAmqSNfFl-LhU6v

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5D65 9 KB
7 KB 42ms
42ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

995d427ec85c79854c6f408d7b2cb2faf141d5056775a2122f6c999827cbbdf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6658
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5D65 17 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:55 GMT

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 0577 0
152 B 310ms
306ms Script
text/html 3.113.254.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=10846:9281:24506:729c6721234a1a0879a2fe5288fdd7b5:2256&type=0
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.254.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 681C 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10981
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 681C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126599
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame D57E
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

38 KB
39 KB

11ms
11ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063f986cbacca9fd13b5f9f186d871d11658509fae78bf80a6ffc50f98ad09f5

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2362
content-length: 39237
cf-request-id: 08fe4a3c6d00004dfaf5909000000001
last-modified: Mon, 15 Mar 2021 04:23:22 GMT
server: cloudflare
etag: "604ee13a-9945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ts2ZE%2BxFrXDhilHL5%2FvoCAB4MBMJg6a7lCtTfWgzjcnWpnSDqZSTTABtJnFCUva3WqJSXqNMlRoODfwFx832THb4lPiiQNLtTo7uDPc%2BX%2FNXo9pkQxyFMDgUV80%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6343dfda4c214dfa-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 0577 0
77 B 310ms
310ms Image
image/png 3.113.254.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1616462814&p=10846:9281:24506:729c6721234a1a0879a2fe5288fdd7b5:2256
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.254.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 8FBC 0
179 B 199ms
196ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:55 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 8FBC 0
147 B 61ms
60ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=74010554630
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:55 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST bid
ad2.apx.appier.net/v1/prebid/ Frame 8FBC 0
0

GET
H2

200

google Show response
m.holmesmind.com/ml/ Frame 9DA0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&info=10846:9281:24506:729c6721234a1a0879a2fe5288fdd7b5:2256,undefined,undefined,undefined&targ...
https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:729c6721234a1a0879a2fe5288fdd7b5:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublema...

0
446 B

390ms
289ms

Document
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:729c6721234a1a0879a2fe5288fdd7b5:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5&ce=1&google_gid=CAESEM8pqfzjyaET91uAnFUwiZ0&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/google_mapping_init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: m.holmesmind.com
:scheme: https
:path: /ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:729c6721234a1a0879a2fe5288fdd7b5:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5&ce=1&google_gid=CAESEM8pqfzjyaET91uAnFUwiZ0&google_cver=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: P=689588-gdjxvOZCvh4WX4CHh1XZhug1SWKeE1Gv; Vision=20210323-23:59,20210323-12,20210323-12,20210323-23:59; C=null; RK=null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

x-guploader-uploadid: ABg5-Uwl2Yco2h-8EYWTTvEg0QU3qaUuBsaqEICFJmSsFLqQQR6dqMSaY8VscIXd11XiLMWE0lyIwOdO1SF5JKEkWHtsleVS8Q
expires: Tue, 23 Mar 2021 02:26:56 GMT
date: Tue, 23 Mar 2021 01:26:56 GMT
cache-control: public, max-age=3600
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 0
content-type: image/png
x-goog-hash: crc32c=AAAAAA== md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-storage-class: REGIONAL
accept-ranges: bytes
content-length: 0
server: UploadServer
alt-svc: clear

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:729c6721234a1a0879a2fe5288fdd7b5:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=174505-6tsMlBjPOlizMSuI2gENevm7ZBDlyBt5&ce=1&google_gid=CAESEM8pqfzjyaET91uAnFUwiZ0&google_cver=1
date: Tue, 23 Mar 2021 01:26:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 702
x-xss-protection: 0
set-cookie: IDE=AHWqTUnvrogtaOzrdZ9T1a_GA-yaUfm5_GlqY9iWWut3TuFtKNw9TBB8kcQ6js5Ng_Q; expires=Sun, 17-Apr-2022 01:26:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 8FBC 10 KB
3 KB 34ms
31ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=10624&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2FTurn%2FCF-300x600_NewsRightDown.html&n=417&o=1&d=1&b=2&ts=1&ii=2&FPCK=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 Mar 2021 01:26:55 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-77-nzt-ray: UMD+bqXg5EE=
age: 14
x-77-cache: HIT
x-cache: HIT
x-age: 1
content-encoding: br
x-77-nzt: AcO1ryyTiArvAQAAAA==
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: CDN77-Turbo
etag: W/"84d8b1a745228113e60f5e62f0eff6d3"
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: x901oB6ko0Sa16zfE_v7bk6KMiehAgGrx75vTx6nBEDiuxcoFu05yQ==
expires: Tue, 23 Mar 2021 01:36:54 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 8FBC 0
147 B 60ms
59ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://adx.doublemax.net
date: Tue, 23 Mar 2021 01:26:55 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 8FBC 43 B
260 B 15ms
14ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 18 Mar 2022 01:26:55 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 8FBC 43 B
260 B 19ms
18ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:55 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 18 Mar 2022 01:26:55 GMT

POST
H2 200 ProxyBidV1.php Show response
proxy-bid.holmesmind.com/proxy_bid/ Frame 8FBC 0
82 B 440ms
440ms XHR
text/html 34.96.118.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-bid.holmesmind.com/proxy_bid/ProxyBidV1.php?z=10624&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2FTurn%2FCF-300x600_NewsRightDown.html&n=417&o=1&d=1&b=2&ts=1&ii=2&tp=onead
Requested by: Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/onead_test.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.118.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:56 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://adx.doublemax.net
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D65 0
23 B 39ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031701&jk=3366160374087310&bg=!EhGlEVXNAAbUo7L91KM7ACkAdvg8Wv8AAVgM2xZ0eocYDCQDfc36zJmlVTsiLbJZ9v6dc0Sdcl54bAIAAADKUgAAABRoAQcKAIXOjDwq_EohR7xPvPMRCVxsBPafSj77z_3UtiO4-U-tQ3UwGW4Fg76myx3fO4vKs8jRFpdosHemLXxCnz-YAoj8fU_KeFJnptrKV5e1cv6R4PgXdiL2unIrYsUmFatCm6E1c5LvsJy8AR1oa7rSnBhzbvsi9aW9A21avuaepZByaP26rscLmQImMB8gbSpsYSYdh3i7RBv-BO78VKVKoOctlDda8iepVWUO6IBF0IpDQ85EBUtWP2t00JCAP43Rph7nBZnzsEUBB_R0L-kBPh1auaTlQHcZqZTDYrT3DQpKpk4bRmtNmvTsgtiWy5QNKgebv4Ju8_gBOsaBkADHJi2aLInN_RGlHXykv_GqCi5yl8J28mUdC-orG8ffn9XJ-SuWerHQGyqItbF2iEdk-9-Zxo7iszfNoKX6oIRxy5EJzLpApSQleabOsZf6RkQolnuSMOzRb1KLLttJ059dKgtBk5HB69fX-u26x-Z2ArrnQjd_COiYgX_uSrDKdRrAdGp3a-nu1ROscinPHcx8uYnRUtzks7UwJZ8vtumYb0xFSaPzpLU2IpVclvtKAmBTbO2B62fwAaRpndm-0QjCc4jrzGW0X-AjugrbzTSQOiVga_NeTIxQGIvIV0w5PJAuS-fLYsmr6gZ4Ix6Ild33W2MnEl79fNXAE5wLoVE0hYD0gk_SolqyEYRJRPrejoS4MtDBSr-Bqr7HBFL1Lv8LQrkfs1lL_OvbaXcxLIKt4YzmCSZ3ocbKhBaM6nPA3xtSsOinubJJqaTl9ttBInvoBB03TWhRjNdAv0Jk1nH3YylNLMjBKn-_pA5c9WXfeGVt8R4VQZ0vjRWRpbN3Uw6FQjZMlrBIk2FAgKQ4XaAnYXntd8NBibEziDM-90xyXfiVqL7chHuuNq8dY4Wx6ilf0Q

Requested by

Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame D57E 975 B
615 B 16ms
16ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3410
cf-polished: origSize=1191
cf-request-id: 08fe4a3c7c00004dfa16b0e000000001
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uUuIT52bk2nJsiH6ls8XGhyFSzMzQHGmunKO4BUEnf%2B%2FxJ%2BOLM3MROXjDw79zsV42GWx2CJn7jyT5H80gUe%2BrTiR3CaI5uQjYxqagBonyy76gb4iPAmCtcRXDlc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 6343dfda6c3c4dfa-FRA
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame D57E 46 B
495 B 448ms
152ms XHR
text/html 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 99d354be528372d292b260e77a7b1512c3b4d982b4b6e3b029f12b655c601ac5

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:56 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.doublemax.net
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame D57E 535 B
1 KB 439ms
166ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.doublemax.net&u=https%3A%2F%2F4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com%2F&xr=1&adid=ad-27336D94344972E919A4B79A96A2D36&w=160&h=600&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7497417885575139&ao=https%3A%2F%2Fwww.moneydj.com
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6106f69094ce902b385e9336f20332ae2df888d53bbc3b1da6c3ab5bbb87d634

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:56 GMT
x-width: 160
x-height: 600
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://adx.doublemax.net
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-sspid: 47a278d2-74d2-34bd-9f44-33649e747c59
connection: close
access-control-allow-credentials: true
content-length: 535
x-adstyle: banner
x-adtype: html

GET
H2 200 2.js Show response
banner-cfnetwork.cdn.hinet.net/js/tmp2/ Frame 8FBC 857 B
730 B 334ms
334ms Script
application/javascript 61.221.82.13
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/tmp2/2.js
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=db144b15-b069-4acb-9667-58e911b8ac66&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.13 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: HiNetCDN/2012 /
Resource Hash: 24af08111a4eaa7af9b691d2b36e4c2bf2290edba765e02151da03ab7b88c0c3

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:26:56 GMT
via: 1.1 f38a78a2a0484ca72b698f4e2dc320f3.cloudfront.net (CloudFront)
x-77-nzt-ray: uvOCLlipnA4=
age: 19
x-77-cache: HIT
x-cache: HIT
x-age: 474
content-encoding: br
x-request-id: 1954bc2d229006aa42ab7c3311d6632b
x-77-nzt: AVQROQZu5a7v2gEAAA==
last-modified: Wed, 06 Dec 2017 07:54:25 GMT
server: HiNetCDN/2012
etag: W/"e24f4884d54f334d7fc409cffb3b15b1"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: HKG60-C1
x-amz-cf-id: 1-E9Np2HlwFgzCGw0ELwc-S3nE_i88x1Yf05gmCU_RN-NOxJbpQwBg==
expires: Tue, 23 Mar 2021 01:26:06 GMT

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 8FBC 0
152 B 307ms
307ms Script
text/html 3.113.254.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=10624:9280:24505:80799c306e788b1eb848c11f55d4adf8:2256&type=0
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.254.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:56 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 75E0
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

38 KB
39 KB

10ms
10ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063f986cbacca9fd13b5f9f186d871d11658509fae78bf80a6ffc50f98ad09f5

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2363
content-length: 39237
cf-request-id: 08fe4a401c00004dfad004c000000001
last-modified: Mon, 15 Mar 2021 04:23:22 GMT
server: cloudflare
etag: "604ee13a-9945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gO1iXbW7yReIrR5ZWNReG%2Bgydq3eb31mUvD1u6nylRTO6FdDScDjIhTFiRBbPXN3VOzA8OsybJuseHGSOacVbn%2BLm6%2BulS12PFM7BDmJWbcPLKY3B%2F6ojRlJ4js%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6343dfe02a044dfa-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 8FBC 0
77 B 310ms
309ms Image
image/png 3.113.254.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1616462815&p=10624:9280:24505:80799c306e788b1eb848c11f55d4adf8:2256
Requested by: Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.254.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:56 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2BF5 138 KB
49 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49663
x-xss-protection: 0
server: cafe
etag: 2488594466385152879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:56 GMT

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 900E 807 B
742 B 12ms
12ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-type: text/html
set-cookie: __cfduid=d26229b4161bf8c92c4d4deca43b175c31616462817; expires=Thu, 22-Apr-21 01:26:57 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 3259
cf-request-id: 08fe4a3ee700004dfad685a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m4b7Nz9pydm7iKiwROwYXWkwsfJBxrzY699paPlshcPxYFAgiUwFzaYEkjXd70JPdh%2FP2hiHwuIITteruhzTDSkkqiyWTVEi%2Bnzo73SFiT%2BEClzddn4sgXd9%2Bto%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6343dfde3fec4dfa-FRA
content-encoding: br

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame D57E 35 B
266 B 467ms
158ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:57 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2

200

google Show response
m.holmesmind.com/ml/ Frame B0DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&info=10624:9280:24505:80799c306e788b1eb848c11f55d4adf8:2256,undefined,undefined,undefined&targ...
https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:80799c306e788b1eb848c11f55d4adf8:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublema...

0
163 B

293ms
290ms

Document
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:80799c306e788b1eb848c11f55d4adf8:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1&google_gid=CAESEM8pqfzjyaET91uAnFUwiZ0&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/google_mapping_init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: m.holmesmind.com
:scheme: https
:path: /ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:80799c306e788b1eb848c11f55d4adf8:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1&google_gid=CAESEM8pqfzjyaET91uAnFUwiZ0&google_cver=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: P=689588-gdjxvOZCvh4WX4CHh1XZhug1SWKeE1Gv; Vision=20210323-23:59,20210323-12,20210323-12,20210323-23:59; C=null; RK=null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

x-guploader-uploadid: ABg5-UxL1HI3_tT6cq5Jli0cL62Q74kVT-8tMtx9WOGgyxK_AloGAme1CcoZarOsVPc5uY5tI938eRDRfgDv0QnBawwk2W66Sg
expires: Tue, 23 Mar 2021 02:26:57 GMT
date: Tue, 23 Mar 2021 01:26:57 GMT
cache-control: public, max-age=3600
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 0
content-type: image/png
x-goog-hash: crc32c=AAAAAA== md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-storage-class: REGIONAL
accept-ranges: bytes
content-length: 0
server: UploadServer
alt-svc: clear

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:80799c306e788b1eb848c11f55d4adf8:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1&google_gid=CAESEM8pqfzjyaET91uAnFUwiZ0&google_cver=1
date: Tue, 23 Mar 2021 01:26:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 665
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ Frame 2BF5 226 KB
85 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:57 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 900E 57 KB
19 KB 54ms
54ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

30c7838ad532a87c087f43172712eb4e3a993b19433a0660ea6f630e243c6af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 223 of 1000 / last-modified: 1616451005"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19749
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2BF5 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=adx.doublemax.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2BF5 107 B
146 B 19ms
19ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=adx.doublemax.net

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C3A 10 KB
5 KB 157ms
156ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&dt=1616462817024&bpp=3&bdt=642&idt=54&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=2379781003120&frm=8&ife=1&pv=2&ga_vid=956878150.1616462817&ga_sid=1616462817&ga_hid=1516031963&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3060516726&scr_x=-12245933&scr_y=-12245933&eid=44735932%2C21068084%2C44738185%2C44739387&oid=3&pvsid=2995749573179048&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mtklmd9i0ktr&fsb=1&dtd=77

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c34b0663277ff5ae4c924e3e7f7ef2f44cd306f82196972abf0f5b43060cf084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&dt=1616462817024&bpp=3&bdt=642&idt=54&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=2379781003120&frm=8&ife=1&pv=2&ga_vid=956878150.1616462817&ga_sid=1616462817&ga_hid=1516031963&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3060516726&scr_x=-12245933&scr_y=-12245933&eid=44735932%2C21068084%2C44738185%2C44739387&oid=3&pvsid=2995749573179048&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mtklmd9i0ktr&fsb=1&dtd=77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnvrogtaOzrdZ9T1a_GA-yaUfm5_GlqY9iWWut3TuFtKNw9TBB8kcQ6js5Ng_Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 01:26:57 GMT
server: cafe
content-length: 5282
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2BF5 9 KB
7 KB 22ms
22ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210318&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59854ee4432822a79f8bc0cff6bc08b316899acce0df8f97ace44bab2c686035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6683
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BF5 73 KB
28 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:57 GMT

GET
H3-Q050 200 pubads_impl_2021031701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 900E 285 KB
100 KB 54ms
54ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 08:39:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102424
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:57 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2BF5 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:57 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame BDBE 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10983
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame BDBE 14 KB
6 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126601
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 900E 0
23 B 39ms
38ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=187885298557892&vrg=2021031701&nw_id=18087395&nslots=1&eid=31060313%2C31060502%2C31060011%2C31060210%2C31060367%2C31060411%2C44739387&pub_url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&start_time=1616462817273&end_time=1616462817274&n=0

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 900E 107 B
777 B 41ms
28ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 900E 107 B
123 B 18ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 900E 330 B
160 B 77ms
77ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=187885298557892&correlator=1505004894146679&output=ldjh&impl=fifs&eid=31060313%2C31060502%2C31060011%2C31060210%2C31060367%2C31060411%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1616462817294&dlt=1616462817015&idt=249&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=xocroyvaqxy1&ifi=1&ifk=923963767&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=6&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fadx.doublemax.net%2F&top=https%3A%2F%2Fadx.doublemax.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1862567649.1616462817&ga_sid=1616462817&ga_hid=1963363697&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

4f8d5d6563606872d6cbdc638433e74c6412748eb7ae3e47be20fe9e9f2f55b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6719f1d8879a49df4718784be35d45f9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 900E 0
0 52ms
38ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6719f1d8879a49df4718784be35d45f9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=6
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 900E 0
0 6ms
6ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=6
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 75E0 975 B
536 B 13ms
13ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3411
cf-polished: origSize=1191
cf-request-id: 08fe4a405600004dfa38af3000000001
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Y6npF3%2FPCU60tqUWNUYMNB3oZLz53vCoOnvvBcp7WldZLudb8XCqSMDLgA9P6e6NTsT%2F0h4iCjPD3QmUxeVJo%2B9Vhs6N%2FAXOLo75reS7SDaYdseJAxyqy3WDxA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 6343dfe08a644dfa-FRA
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 75E0 46 B
495 B 452ms
151ms XHR
text/html 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 99d354be528372d292b260e77a7b1512c3b4d982b4b6e3b029f12b655c601ac5

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:57 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.doublemax.net
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 75E0 535 B
1 KB 554ms
242ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.doublemax.net&u=https%3A%2F%2Fwww.moneydj.com%2F&xr=1&adid=ad-BE778B69BA9E34ABFABE42ABA9BD6B8&w=300&h=600&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6604122609481526&ao=https%3A%2F%2Fwww.moneydj.com
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: a47fd1b0ca47ceb21d1e335d9f4438cdd7c8c11276acd79057ca14a2d4f56d09

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
x-width: 300
x-height: 600
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://adx.doublemax.net
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-sspid: 47a278d2-74d2-34bd-9f44-33649e747c59
connection: close
access-control-allow-credentials: true
content-length: 535
x-adstyle: banner
x-adtype: html

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 0C3A 2 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&dt=1616462817024&bpp=3&bdt=642&idt=54&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=2379781003120&frm=8&ife=1&pv=2&ga_vid=956878150.1616462817&ga_sid=1616462817&ga_hid=1516031963&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3060516726&scr_x=-12245933&scr_y=-12245933&eid=44735932%2C21068084%2C44738185%2C44739387&oid=3&pvsid=2995749573179048&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mtklmd9i0ktr&fsb=1&dtd=77

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C3A 117 KB
36 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:57 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 0C3A 12 KB
5 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:23:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0C3A 0
0 18ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQJ5Bm30_763tN-mg0VfBlm_AX_od_y34X_EV7SbpAEMNbaesX401_SHcPsnziQk7asyE-kq82hnR9Mo6nMmWUZyaFkg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&dt=1616462817024&bpp=3&bdt=642&idt=54&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=2379781003120&frm=8&ife=1&pv=2&ga_vid=956878150.1616462817&ga_sid=1616462817&ga_hid=1516031963&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3060516726&scr_x=-12245933&scr_y=-12245933&eid=44735932%2C21068084%2C44738185%2C44739387&oid=3&pvsid=2995749573179048&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mtklmd9i0ktr&fsb=1&dtd=77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0C3A 0
0 46ms
44ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDKUk4UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErAFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJlGRiltI89dsl6rbkiAgihA5ogAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi00MTI2NTU0Nzc5MzkzOTg2&sigh=WGRUkT3EILY&tpd=AGWhJmu2dxgWf2JCOjHcau1PB_YrHtoQWfVqXk6ijWxoPVyo1A

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&dt=1616462817024&bpp=3&bdt=642&idt=54&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=2379781003120&frm=8&ife=1&pv=2&ga_vid=956878150.1616462817&ga_sid=1616462817&ga_hid=1516031963&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3060516726&scr_x=-12245933&scr_y=-12245933&eid=44735932%2C21068084%2C44738185%2C44739387&oid=3&pvsid=2995749573179048&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mtklmd9i0ktr&fsb=1&dtd=77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 01:26:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 0C3A 0
0 40ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g5mmf6yq120xkkf0mg3t4eg1mvwbcys56kb2wxdn1kanpdevnvvkyqp4yjbpe6nhavzecfb9g88raksp8mawr4mynna4s9ww83p5fdjh0nwsvwjdx9rch4v023sdgcf7mbbpyc22h9dw92hen5fnxt1tp177xejw4e6deayx29kmekn45b37tvnsrdn0q9w1hgkrr414d1gnpvgt1pv2zh4zk6qdhjazyy4hxsg5qqhyaqhz5zhwg09ztcb06qjw1s0hpkpwgf4jtha1qndrrtgn26vy68n1w1vnr2kmgf44tr6y9q8ksjm42zddebc73xj4z3s8gvyqxygm0ve7r90ja5ycft4trmb99eyma2mj5dpx3v6rx95r9xyg00j740p27t4&b=YFlD4QAB5qIKixI1AAubxIf2psJzVfqc6q7wmg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&dt=1616462817024&bpp=3&bdt=642&idt=54&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=2379781003120&frm=8&ife=1&pv=2&ga_vid=956878150.1616462817&ga_sid=1616462817&ga_hid=1516031963&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3060516726&scr_x=-12245933&scr_y=-12245933&eid=44735932%2C21068084%2C44738185%2C44739387&oid=3&pvsid=2995749573179048&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mtklmd9i0ktr&fsb=1&dtd=77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Mar 2021 01:26:57 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 7121 2 KB
2 KB 54ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1gankw8srq16c4q9pqc7gtfnwhe819shts9nvhzcmehhydhge5aw4xzhpjyz0h0btq48c5es18x69a7afjy6xvebe68xj1gh9z1mhn0kbbjjyfydedqmvf97rg7s6wyv740b2m71wn0qt8cfax9yta77q2p9wa9v26m7x4ds9r1mvjy6x1msa8mwrn4kfjzcaht30ew0fqnppghz68k99k7r20dm6dbwsekqqzjpw89rjn904aqhadxqv9584cft3tfcwqcb443fhycbt84wh3m0wdpxgh6qh1emth38xw0maz69f0gawa4zzf2zp08pa2dpwhv222dn4kyjsb3zv2j55r402ghxv0krsc1kmjb0tj25da4p1nrnwq8ej&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%26client%3Dca-pub-4126554779393986%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f701c8e493fd002989ba115390670a61df85ada43fcd5828bbd2bf4f5b5ee66

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1gankw8srq16c4q9pqc7gtfnwhe819shts9nvhzcmehhydhge5aw4xzhpjyz0h0btq48c5es18x69a7afjy6xvebe68xj1gh9z1mhn0kbbjjyfydedqmvf97rg7s6wyv740b2m71wn0qt8cfax9yta77q2p9wa9v26m7x4ds9r1mvjy6x1msa8mwrn4kfjzcaht30ew0fqnppghz68k99k7r20dm6dbwsekqqzjpw89rjn904aqhadxqv9584cft3tfcwqcb443fhycbt84wh3m0wdpxgh6qh1emth38xw0maz69f0gawa4zzf2zp08pa2dpwhv222dn4kyjsb3zv2j55r402ghxv0krsc1kmjb0tj25da4p1nrnwq8ej&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%26client%3Dca-pub-4126554779393986%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3d51f5e369618c240cb1d0d96916e6531616462817; expires=Thu, 22-Apr-21 01:26:57 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-3wfd
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 08fe4a409400004e4480368000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6343dfe0edc44e44-FRA
content-encoding: br

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3665 1 KB
755 B 10ms
9ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 16:59:40 GMT
expires: Tue, 23 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 30437
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 900E 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e31e8a7e8ba1be78d49ed84ccedc82d092b10669b67a5a34058ac7611f4c2481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6544
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 900E 17 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:57 GMT

GET
DATA 200
OK truncated
/ Frame 0C3A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ede3636887fdaf3792ed735161785a306aad376a42a212f0e69abe8e192a5f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E3A7 12 KB
5 KB 11ms
11ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10983
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 7121 58 KB
58 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gankw8srq16c4q9pqc7gtfnwhe819shts9nvhzcmehhydhge5aw4xzhpjyz0h0btq48c5es18x69a7afjy6xvebe68xj1gh9z1mhn0kbbjjyfydedqmvf97rg7s6wyv740b2m71wn0qt8cfax9yta77q2p9wa9v26m7x4ds9r1mvjy6x1msa8mwrn4kfjzcaht30ew0fqnppghz68k99k7r20dm6dbwsekqqzjpw89rjn904aqhadxqv9584cft3tfcwqcb443fhycbt84wh3m0wdpxgh6qh1emth38xw0maz69f0gawa4zzf2zp08pa2dpwhv222dn4kyjsb3zv2j55r402ghxv0krsc1kmjb0tj25da4p1nrnwq8ej&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%26client%3Dca-pub-4126554779393986%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gankw8srq16c4q9pqc7gtfnwhe819shts9nvhzcmehhydhge5aw4xzhpjyz0h0btq48c5es18x69a7afjy6xvebe68xj1gh9z1mhn0kbbjjyfydedqmvf97rg7s6wyv740b2m71wn0qt8cfax9yta77q2p9wa9v26m7x4ds9r1mvjy6x1msa8mwrn4kfjzcaht30ew0fqnppghz68k99k7r20dm6dbwsekqqzjpw89rjn904aqhadxqv9584cft3tfcwqcb443fhycbt84wh3m0wdpxgh6qh1emth38xw0maz69f0gawa4zzf2zp08pa2dpwhv222dn4kyjsb3zv2j55r402ghxv0krsc1kmjb0tj25da4p1nrnwq8ej&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%26client%3Dca-pub-4126554779393986%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=hiljLg==, md5=+lvqF0TsKKKClDdg0n1GpA==
date: Tue, 23 Mar 2021 01:26:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 657230
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uwujar11Vkwh6U6n2MXFne7AWYJGqCzROZDlvajsE11nvMJCQziEfwndO5biOTHJ84pHc8ApwhyUSOSXqNIPW1AgPvCqQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58969
cf-request-id: 08fe4a418a00004e4447a45000000001
last-modified: Mon, 15 Mar 2021 10:52:33 GMT
server: cloudflare
etag: "fa5bea1744ec28a282943760d27d46a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CJgu3tn4uH3NLSQqaWufwiwzb6JlSQVTEulN3sQ2Wx%2FwPqKX2EzEHW3W%2BNRbQH0G42gUpKPgWAU5aUcJP%2F%2BMhCotqnTxkSYVNQsBREVPmRA25FJo"}],"max_age":604800}
x-goog-generation: 1615805553645751
content-type: text/css
expires: Tue, 15 Mar 2022 10:53:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 6343dfe27f234e44-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 7121 66 KB
15 KB 17ms
16ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gankw8srq16c4q9pqc7gtfnwhe819shts9nvhzcmehhydhge5aw4xzhpjyz0h0btq48c5es18x69a7afjy6xvebe68xj1gh9z1mhn0kbbjjyfydedqmvf97rg7s6wyv740b2m71wn0qt8cfax9yta77q2p9wa9v26m7x4ds9r1mvjy6x1msa8mwrn4kfjzcaht30ew0fqnppghz68k99k7r20dm6dbwsekqqzjpw89rjn904aqhadxqv9584cft3tfcwqcb443fhycbt84wh3m0wdpxgh6qh1emth38xw0maz69f0gawa4zzf2zp08pa2dpwhv222dn4kyjsb3zv2j55r402ghxv0krsc1kmjb0tj25da4p1nrnwq8ej&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%26client%3Dca-pub-4126554779393986%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30b242c84812794bcaf014ddb4a84d9147aa6009df4fc36a4ad78672f6bb384

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gankw8srq16c4q9pqc7gtfnwhe819shts9nvhzcmehhydhge5aw4xzhpjyz0h0btq48c5es18x69a7afjy6xvebe68xj1gh9z1mhn0kbbjjyfydedqmvf97rg7s6wyv740b2m71wn0qt8cfax9yta77q2p9wa9v26m7x4ds9r1mvjy6x1msa8mwrn4kfjzcaht30ew0fqnppghz68k99k7r20dm6dbwsekqqzjpw89rjn904aqhadxqv9584cft3tfcwqcb443fhycbt84wh3m0wdpxgh6qh1emth38xw0maz69f0gawa4zzf2zp08pa2dpwhv222dn4kyjsb3zv2j55r402ghxv0krsc1kmjb0tj25da4p1nrnwq8ej&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%26client%3Dca-pub-4126554779393986%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=2vLrKQ==, md5=n157OnPd9cQ2d6V3u+7jRg==
date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 31027
cf-polished: origSize=67991
x-guploader-uploadid: ABg5-UwkjG8EFafiOWK8tQ6plEMrdPuwJEjE0hDCBRCNWuJo0fuHOfE5LJ1iMPbCF8xQH2LvXGu0EQkVpfxSqk8vfzUzRcXIvg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fe4a418b00004e446fad0000000001
last-modified: Mon, 08 Feb 2021 16:48:52 GMT
server: cloudflare
etag: W/"9f5e7b3a73ddf5c43677a577bbeee346"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pGHTmY9G0tt%2FqQD9sNCoE9Er4Rfqx8WRt%2FmuY7X%2B2g2lGT5VSAasNs%2FHLs9jAVngq0ktqu5LFNJK951Sms6se2hlOf%2FsCogG5doJ7tS2L2fwVDmA"}],"max_age":604800}
x-goog-generation: 1612802932827932
content-type: application/javascript; charset=utf-8
expires: Mon, 22 Mar 2021 16:49:50 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 15615
cf-ray: 6343dfe27f244e44-FRA
cf-bgj: minify

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3665 35 B
462 B 24ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEChdaF4j99eaN8cQNUqW_Jc&google_cver=1&google_push=AQvitUIf-oj16XL6IBEUQxyJuA7hBN_FjUqQE_iBi61W2Lzv0LkBQNU_r_EqJfTXDGsaU-SEEnEhPvHoEqD60rxSi8EgKgYGQBE0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3665
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJILPby...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJILPby...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjMwMTI2NTg3NDE1NzYxNTgxMTg2MQ%3D%3D&google_push=AQvitUJILPbyVteFe404OMgwPfqN5iP7vCPoZ6giILGtTwJC1TIb1TBTl4ZIjfytcdO7Ut...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjMwMTI2NTg3NDE1NzYxNTgxMTg2MQ%3D%3D&google_push=AQvitUJILPbyVteFe404OMgwPfqN5iP7vCPoZ6giILGtTwJC1TIb1TBTl4ZIjfytcdO7Ut...

170 B
213 B

61ms
58ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjMwMTI2NTg3NDE1NzYxNTgxMTg2MQ%3D%3D&google_push=AQvitUJILPbyVteFe404OMgwPfqN5iP7vCPoZ6giILGtTwJC1TIb1TBTl4ZIjfytcdO7Utafvhhl4cS8hn5GtrHlN6Hf1zUymf_U&google_tc=

Requested by

Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjMwMTI2NTg3NDE1NzYxNTgxMTg2MQ%3D%3D&google_push=AQvitUJILPbyVteFe404OMgwPfqN5iP7vCPoZ6giILGtTwJC1TIb1TBTl4ZIjfytcdO7Utafvhhl4cS8hn5GtrHlN6Hf1zUymf_U&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 447
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3665
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGkjjaZ8sLOmUPxrbezLRNE&google_cver=1&google_push=AQvitULjxCG2WR9WUICyunQbo0dWsgEKQ8nL5WIQcdNO5nu226Wd47kd5nvsDbM-UXrRtmPkhjAZ2xI2KByAONcZSwW5bEcy5Ha6
https://rtb.openx.net/sync/dds?google_gid=CAESEGkjjaZ8sLOmUPxrbezLRNE&google_cver=1&google_push=AQvitULjxCG2WR9WUICyunQbo0dWsgEKQ8nL5WIQcdNO5nu226Wd47kd5nvsDbM-UXrRtmPkhjAZ2xI2KByAONcZSwW5bEcy5Ha6&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULjxCG2WR9WUICyunQbo0dWsgEKQ8nL5WIQcdNO5nu226Wd47kd5nvsDbM-UXrRtmPkhjAZ2xI2KByAONcZSwW5bEcy5Ha6&google_hm=cY3sRxKKwxMGaq-VNMbAPA==

170 B
213 B

57ms
55ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULjxCG2WR9WUICyunQbo0dWsgEKQ8nL5WIQcdNO5nu226Wd47kd5nvsDbM-UXrRtmPkhjAZ2xI2KByAONcZSwW5bEcy5Ha6&google_hm=cY3sRxKKwxMGaq-VNMbAPA==

Requested by

Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:57 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULjxCG2WR9WUICyunQbo0dWsgEKQ8nL5WIQcdNO5nu226Wd47kd5nvsDbM-UXrRtmPkhjAZ2xI2KByAONcZSwW5bEcy5Ha6&google_hm=cY3sRxKKwxMGaq-VNMbAPA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 64e0klk4ncu6045i6rm5q4k7ik54jfko

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3665
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3cueFsPjSA-SSZ52bpOGHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

60ms
56ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3cueFsPjSA-SSZ52bpOGHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJfExdPYReBvo3CFuWsNQWvtTSFNuOZMiMyGx4r9Ke9AL2moialsubTIAg9zjexWHTCfKBYAX5G4huZRfp-liPdiRuAtGc-

Requested by

Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3cueFsPjSA-SSZ52bpOGHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJfExdPYReBvo3CFuWsNQWvtTSFNuOZMiMyGx4r9Ke9AL2moialsubTIAg9zjexWHTCfKBYAX5G4huZRfp-liPdiRuAtGc-
Date: Tue, 23 Mar 2021 01:26:58 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3665
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIOHRICgv8NcrKMvL96KzDo&google_cver=1&google_push=AQvitUJ5CnSkuOHIE5B_5Ch84sS4bB_ibyHRopJugYr9rv3i9iSRNj1Pc6FeiVRUVaqHiZwIAP9...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MQzg0VDMtMUgtOEpVRg==&google_push=AQvitUJ5CnSkuOHIE5B_5Ch84sS4bB_ibyHRopJugYr9rv3i9iSRNj1Pc6FeiVRUVaqHiZwIAP9TpvUj2JWs41gLhRvTlsSpI6kD

170 B
190 B

59ms
56ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MQzg0VDMtMUgtOEpVRg==&google_push=AQvitUJ5CnSkuOHIE5B_5Ch84sS4bB_ibyHRopJugYr9rv3i9iSRNj1Pc6FeiVRUVaqHiZwIAP9TpvUj2JWs41gLhRvTlsSpI6kD

Requested by

Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MQzg0VDMtMUgtOEpVRg==&google_push=AQvitUJ5CnSkuOHIE5B_5Ch84sS4bB_ibyHRopJugYr9rv3i9iSRNj1Pc6FeiVRUVaqHiZwIAP9TpvUj2JWs41gLhRvTlsSpI6kD
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3665
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKLwZesu-e_5Suyd4hc2uEQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKLwZesu-e_5Suyd4hc2uEQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFlD4VXq6tQ5vlKf1tPm7gAABIAAAAAB&google_gid=CAESEKLwZesu-e_5Suyd4hc2uEQ&google_push=AQvitUIH6lNX7nMEmHhKEuNXH26o8JRZcj6J5RrRbtCcl-_lvpL...

170 B
201 B

58ms
56ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFlD4VXq6tQ5vlKf1tPm7gAABIAAAAAB&google_gid=CAESEKLwZesu-e_5Suyd4hc2uEQ&google_push=AQvitUIH6lNX7nMEmHhKEuNXH26o8JRZcj6J5RrRbtCcl-_lvpLpYbisKsVv5uFcpBGxFPbZEwY3lwpndfTEl808uUXV0bU4F6YO&google_cver=1

Requested by

Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:26:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFlD4VXq6tQ5vlKf1tPm7gAABIAAAAAB&google_gid=CAESEKLwZesu-e_5Suyd4hc2uEQ&google_push=AQvitUIH6lNX7nMEmHhKEuNXH26o8JRZcj6J5RrRbtCcl-_lvpLpYbisKsVv5uFcpBGxFPbZEwY3lwpndfTEl808uUXV0bU4F6YO&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Tue, 23 Mar 2021 01:26:57 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 3665 43 B
295 B 94ms
22ms Image
image/gif 2a05:d01c:1d8:8102:73b:46ad:270f:ab37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBz9ItZfm8TEl-cKMTwK1Hs&google_cver=1&google_push=AQvitUL9IYVTTMpkTUQwJfLY_ImWK54oyEdNJHDEHAXMNZBUA_uHFbZyvu5maIONMNfgmWPKJohosjp7BXib819S3tEv_ZzsVxw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&dt=1616462817024&bpp=3&bdt=642&idt=54&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=2379781003120&frm=8&ife=1&pv=2&ga_vid=956878150.1616462817&ga_sid=1616462817&ga_hid=1516031963&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3060516726&scr_x=-12245933&scr_y=-12245933&eid=44735932%2C21068084%2C44738185%2C44739387&oid=3&pvsid=2995749573179048&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mtklmd9i0ktr&fsb=1&dtd=77
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:73b:46ad:270f:ab37 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:57 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 3665 0
26 B 67ms
53ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlQsaRTMPrQPQd_Kt6jGjMcJDwMgCXjcBJL9VL1SuCqmFysvLD3dYZrQ0bfsnhPR0Ndor9

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7121 3 KB
4 KB 37ms
11ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3532
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
cf-request-id: 08fe4a41ed00004a569e924000000001
last-modified: Thu, 08 May 2014 12:48:39 GMT
server: cloudflare
etag: "536b7d27-cbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V4Acire1k%2BrL9DmtdRiXkxGXYAfyjOeSAKFlX2APx9iQb4CtYQMrlb78HzZoppuxdy1lOGzt1vR5HgnCDj7GbWsqsBTQp0ZvuuwPSt%2Bfk6ZUzwKMex%2B3hKaDAs5PipCiPg%3D%3D"}]}
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6343dfe31f934a56-FRA

GET
H2 200 frame.html Show response
ad4m.at/ Frame 5BF1 2 KB
1 KB 14ms
13ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1gankw8srq16c4q9pqc7gtfnwhe819shts9nvhzcmehhydhge5aw4xzhpjyz0h0btq48c5es18x69a7afjy6xvebe68xj1gh9z1mhn0kbbjjyfydedqmvf97rg7s6wyv740b2m71wn0qt8cfax9yta77q2p9wa9v26m7x4ds9r1mvjy6x1msa8mwrn4kfjzcaht30ew0fqnppghz68k99k7r20dm6dbwsekqqzjpw89rjn904aqhadxqv9584cft3tfcwqcb443fhycbt84wh3m0wdpxgh6qh1emth38xw0maz69f0gawa4zzf2zp08pa2dpwhv222dn4kyjsb3zv2j55r402ghxv0krsc1kmjb0tj25da4p1nrnwq8ej&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%26client%3Dca-pub-4126554779393986%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1gankw8srq16c4q9pqc7gtfnwhe819shts9nvhzcmehhydhge5aw4xzhpjyz0h0btq48c5es18x69a7afjy6xvebe68xj1gh9z1mhn0kbbjjyfydedqmvf97rg7s6wyv740b2m71wn0qt8cfax9yta77q2p9wa9v26m7x4ds9r1mvjy6x1msa8mwrn4kfjzcaht30ew0fqnppghz68k99k7r20dm6dbwsekqqzjpw89rjn904aqhadxqv9584cft3tfcwqcb443fhycbt84wh3m0wdpxgh6qh1emth38xw0maz69f0gawa4zzf2zp08pa2dpwhv222dn4kyjsb3zv2j55r402ghxv0krsc1kmjb0tj25da4p1nrnwq8ej&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%26client%3Dca-pub-4126554779393986%26adurl%3D

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-type: text/html
set-cookie: __cfduid=d300b7759be13caafd4518a142d4901401616462817; expires=Thu, 22-Apr-21 01:26:57 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires: Tue, 23 Mar 2021 02:26:57 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 323548
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 08fe4a41f600004e443a05d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xfcZrtdjsdC4KIA8qBRMJ3LfrUv%2BaEYn%2B4lqG6c4g8mgBizVgtU%2F1%2F5ikSJNx8hfdPCyqdqaoj0um5zBbEcRLWuBAUo%2BT6SWNkTXUW1h6s8bIMfb"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6343dfe32fe24e44-FRA
content-encoding: br

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame E13E 807 B
575 B 12ms
10ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-type: text/html
set-cookie: __cfduid=d26229b4161bf8c92c4d4deca43b175c31616462817; expires=Thu, 22-Apr-21 01:26:57 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 3259
cf-request-id: 08fe4a424000004dfa3b94e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VGZc8G4PsmaoRta4ZeoN7swR%2F036aXHZ6a3xrcLt0BitTI7Zpo3WJQjqzjoHCGR8HQiMqV8S9K0pebR%2FPnq1lODxCzgjJdw9s8n4wvHeV3VWMWeBdwitaTa4XlY%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6343dfe39d754dfa-FRA
content-encoding: br

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 75E0 35 B
266 B 418ms
144ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:26:58 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame E3A7 14 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126601
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E13E 57 KB
19 KB 54ms
53ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

e996784cacd24396160deff0366e192d503bab24c17c28b9692b087e2fb7ce5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 723 of 1000 / last-modified: 1616450900"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19748
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:57 GMT

GET
H2 200 frame.html Show response
ad4mat.net/ Frame C3A1 1 KB
1 KB 40ms
29ms Document
text/html 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:58 GMT
content-type: text/html
set-cookie: __cfduid=d96c4a59575f70e024975828583ab4d591616462817; expires=Thu, 22-Apr-21 01:26:57 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
cf-cache-status: DYNAMIC
cf-request-id: 08fe4a42c100004a568d0ed000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j7IKcRvtQsq4f1xWYA6BZ43CACQmtusBSQ1eH3cKBJ9ux2TJMlr4hqyAKii0YxBTbkDu2zAJA8iK8Q6sgQS1hxg65PN9ucC2VvH6SD67%2BLdh3T3Q4LS4"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6343dfe4689c4a56-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A07C 138 KB
49 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49663
x-xss-protection: 0
server: cafe
etag: 2488594466385152879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:57 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BF5 0
46 B 45ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210318&jk=2995749573179048&bg=!PD-lP3vNAAbUo7L91KM7ACkAdvg8WlGHnGlkThY1HfO2eRusWZ9SZiip9g68Ft6DHyvgp8dI46UXVAIAAAJwUgAAADFoAQcKAH4_UTRBwMgKWCvbuvEj-wpCkTAVjrAwdLy7s_hDmt3m-0kox7Pd2G-R8wqlFGnPhadwoNqAz-AVPvSDnJ4OPpOZkocoCoOcBAINhVWIthiq0Gu6PUJCVZz92Ho1Ji3o4raPo8Ft_kIPtR3ZihcbOcQeNalFvDl7GZMIy8-eJS2ZArp-m8a6LXJFlB_ruEHL42GQn_Bkk6sYOIu2LhzYv6IrRtwxUBTlbuO-eZPRH2Cf_cB12EFcYCUjacA6OWyBl4BJYqZDbuEmhYkpRW5Xy16O4jLCiO3e2EWboLb6b6Ow0TcZgIsqSjrypBNfWgu0nKT_6Z9XJ_4yeWh076Mt2292qX03L8UggLY6sJ-br6MDomVpDFqinW2vlUFPVTv1NPq1zbREOTKBJh3BR2Lm23zGjEVaigs3WyFXQdHez1tsFS4sMdEi7vQNXF2ztA-GAUb3ogLNhsXNRds6VXOsNTltOc1O9NhXQppfxpXZHSU25XN0b0949e5WqlJn2Xa0puz-kyl6I1WNNvloPvZ3ZTlrUxytDf829zc2c-dAT3-Zqtbyut7lfbkz54AIG2H6XuyEeNOTxybvNtIK0Xlhfkg4AUj2-jNLd75vLntwb74VR1OGRAqcBweEXR15D70QFROF5pasexB98gbjOYjcplnObOVrm5aN8OJsLFb1tLRlcjXzGyOVFERVhFQsOs3JEXJzUbMV3K_kF2E0fAz2QVpm24pYI-kwUQMkTDRG4h3ZLTiuCoVI4XdNo29fDu5Epedby-LitbIS1LmewgOEZkN_qdL42GVMbnOMInicflQCOVs2UJFKB2syYtl9HSxIeFP9yMVbBJ3PYIQFq9nMJ9uEi_L70Km5Q-tsmrGYeFcSsh_BESKEdMG_LZXq_PZvSpGji-IHCtp9jPxUwbQRlUpGLpmJ1hAuhmdsQZt-JhtRFknOpduOQvUQ28IHHeqh06_o1p4LBT8nyhAMXhzR8FxazAR5RtvEG7aZVTq8W8gcC3WcFAPnbRBuWGSR8qJkSbYFjkEUtQPAphOHyxrJ98F3jhukB2vqwj5qSxXgRiCk_QwyJDz2PRTguov8wts7Ief9jr3RQZN28_MLhA

Requested by

Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E13E 285 KB
100 KB 53ms
53ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:58 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ Frame A07C 226 KB
85 KB 33ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:26:58 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame A07C 107 B
146 B 20ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=adx.doublemax.net

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame A07C 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=adx.doublemax.net

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE7E 66 KB
23 KB 266ms
264ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142528&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&dt=1616462818119&bpp=3&bdt=748&idt=129&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=5252129071569&frm=8&ife=1&pv=2&ga_vid=229556015.1616462818&ga_sid=1616462818&ga_hid=918903374&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=272060318&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C44737458%2C44739387&oid=3&pvsid=1167218669310016&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kd4x0selp6tb&fsb=1&dtd=195

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb638ebd326924a67dc0aebc00695741061868d66b37706bcb20698629d5ae54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142528&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&dt=1616462818119&bpp=3&bdt=748&idt=129&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=5252129071569&frm=8&ife=1&pv=2&ga_vid=229556015.1616462818&ga_sid=1616462818&ga_hid=918903374&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=272060318&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C44737458%2C44739387&oid=3&pvsid=1167218669310016&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kd4x0selp6tb&fsb=1&dtd=195
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnvrogtaOzrdZ9T1a_GA-yaUfm5_GlqY9iWWut3TuFtKNw9TBB8kcQ6js5Ng_Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 01:26:58 GMT
server: cafe
content-length: 23448
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A07C 8 KB
6 KB 24ms
22ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210318&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e1cc49f3a841fb7006c3703b0a953fe3a1774d498a3b9fcd641f723fe5df66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6523
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A07C 73 KB
28 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:58 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.pl/adsid/ Frame E13E 107 B
146 B 19ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame E13E 107 B
123 B 19ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E13E 330 B
164 B 75ms
74ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=19137717402205&correlator=3561693651560247&output=ldjh&impl=fifs&eid=31060344%2C31060367%2C44733567%2C31060505%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-38&ecs=20210323&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1616462818378&dlt=1616462817872&idt=467&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=izex3pcv1jir&ifi=1&ifk=923963767&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=6&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fadx.doublemax.net%2F&top=https%3A%2F%2Fadx.doublemax.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=760341021.1616462818&ga_sid=1616462818&ga_hid=998359196&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

02f9034cff464e03ba97fe312938f73faa6f0f20f63a380d597be280c8b5b450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6ef3adf48945da9d38685059fefba4a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E13E 0
0 65ms
14ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6ef3adf48945da9d38685059fefba4a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=6
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame E13E 0
0 7ms
7ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=6
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A07C 17 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:58 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E13E 8 KB
6 KB 24ms
20ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4ef97cf8f4e82c63b21fcf72f4c61dff872ce3a5d01fa38607ca7222ccbe87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6546
x-xss-protection: 0

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6FD2 12 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adx.doublemax.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adx.doublemax.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10984
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E13E 17 KB
6 KB 76ms
54ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:58 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0C3A 42 B
108 B 44ms
40ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMEcSufmr8i_nyxaSzoQQ_KpgHznGygNUjgSygiVZNx9WFXXHx9mrjEhlxLwurUtixK5jPb8r0SlDL6rx7tBRDHn1bbJPgtQ&sig=Cg0ArKJSzKZ-RAoiwGowEAE&cid=CAASF-RoPfGScpbqeAk8fFtZiuBo-D2VbrpX&id=osdim&mcvt=1058&p=0,0,600,160&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20210319&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3457804429&rs=2&met=ie&la=0&cr=0&osd=1&vs=4&rst=1616462817106&dlt=213&rpt=68&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F164 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10984
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame DE7E 1 KB
980 B 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142528&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&dt=1616462818119&bpp=3&bdt=748&idt=129&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=5252129071569&frm=8&ife=1&pv=2&ga_vid=229556015.1616462818&ga_sid=1616462818&ga_hid=918903374&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=272060318&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C44737458%2C44739387&oid=3&pvsid=1167218669310016&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kd4x0selp6tb&fsb=1&dtd=195

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:24:39 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame DE7E 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:25:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame DE7E 2 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE7E 117 KB
36 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame DE7E 12 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:23:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DE7E 0
0 15ms
13ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzvCwRK33IA3m8ACCkxP6zjFpydEDjSkyx3e_ScoUiinas4yQfJyE5XALgOE8astpfzGMJBBQa1fA8rNYFDjdpbAQwXQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142528&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&dt=1616462818119&bpp=3&bdt=748&idt=129&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=5252129071569&frm=8&ife=1&pv=2&ga_vid=229556015.1616462818&ga_sid=1616462818&ga_hid=918903374&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=272060318&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C44737458%2C44739387&oid=3&pvsid=1167218669310016&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kd4x0selp6tb&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame DE7E 25 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 399118
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame DE7E 0
0 45ms
45ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK1SG4kNZYJ3KFNiU7_UP1q68qAK-h6X0Ycih_7CKDa4CEAEg2p6BGmCViriCyAegAYu9r6ECyAEBqAMByAPLBKoEswFP0FnTkWYpuBfKd1kCt5GIlW9IUHB34vPQ08Pcect7e8-SrTR-YOgdvYZVpobsk-kw-75S3nNvJPahSgEFfEm-x0MxLdfq-zawXHnFGrbgJJAIo1OlonHrNfAqBWWDAHf9UmLMQk1gZ-jQ88tE0TPNsrTzgqiAKm81WclpbhFPyOtQE7j_tiI0gV_C1cvXdNrNTqYiymq9b_XdRnoJBR-g5kMSysTGk_00iqGSXKueXedZfsAEsMWF2K0DkgUECAQYAZIFBAgFGASAB6304OABqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEENOgBtIICQiA4YAQEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2&sigh=KdHL4LKMIGA&tpd=AGWhJmush4y-_TEon9uNntnuK9ZrsIvaL11cw6Ahn6a9d1WnRA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142528&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&dt=1616462818119&bpp=3&bdt=748&idt=129&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=5252129071569&frm=8&ife=1&pv=2&ga_vid=229556015.1616462818&ga_sid=1616462818&ga_hid=918903374&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=272060318&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C44737458%2C44739387&oid=3&pvsid=1167218669310016&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kd4x0selp6tb&fsb=1&dtd=195
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Mar 2021 01:26:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:26:58 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4503 143 B
226 B 41ms
36ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142528&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&dt=1616462818119&bpp=3&bdt=748&idt=129&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=5252129071569&frm=8&ife=1&pv=2&ga_vid=229556015.1616462818&ga_sid=1616462818&ga_hid=918903374&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=272060318&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C44737458%2C44739387&oid=3&pvsid=1167218669310016&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kd4x0selp6tb&fsb=1&dtd=195
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142528&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&dt=1616462818119&bpp=3&bdt=748&idt=129&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&correlator=5252129071569&frm=8&ife=1&pv=2&ga_vid=229556015.1616462818&ga_sid=1616462818&ga_hid=918903374&ga_fc=0&nhd=6&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=272060318&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C44737458%2C44739387&oid=3&pvsid=1167218669310016&usrc=1&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kd4x0selp6tb&fsb=1&dtd=195

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Mar 2021 00:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2732
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A6A5 1 KB
755 B 49ms
44ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 16:59:40 GMT
expires: Tue, 23 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 30438
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DE7E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd3ebad2b90063e21cc7bd25cbc739f078bdb482d77b8cbe775579bdf0ad60ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FD2 14 KB
6 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126602
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 900E 0
46 B 45ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031701&jk=187885298557892&bg=!2Nul25_NAAbUo7L91KM7ACkAdvg8WoQxyp-B4JNNSy61LIBkjqcQE-0l7fQzIveRiTykm5dmjGs97gIAAANWUgAAAFloAQeZAqDxJ-WWkoNvDt2KC_WZVWL7GIJMPCYqj-Mg5m3xIxIWLYJRFFpnKu93nsBZOn-WNbNR14UYjMqpvwTpC32AdkIKZ_K85m_qKNiwMe7CWCzqFBRqRlTHx_agCQXymPaimi6XWnvHQzjQQLdaDJ9yekYvO7vGeMyHUAynDqZcZxRqDQCIkV9O4hbyNHHPpQlbBl1FrKWzcF1Obyl4WhgswyoxwYrmanoFizb3L8guBW7rQmBAp_U4nsyP7UdLHeuRlk_hpYDrwDU6xEI7yRUZYG3YaNwFsfErMsbsMyRJqv3Lr8lNqooPqtNBWNkpS4LcNHRjSKgBXPJ-ZdZubF2VB-CStGBh_K4e7swehuKoTwfCJ8ngsOTRLySZeV9gCk9s-KApGQ5P9QzTCsudI4oW6o_gXdACODty1RUnXf8uaytWJTMvnhh6id9LD92z4Xcxr1CediawCavtQl5LF66zk6sTh4Y2Y5RTYuTv14SLJ5VSyOda-3CVQs8Q68sK6TUz3_UZ9Jmmjz77JXdCQMYPkGjF1BA_X5ua9QThdMmw1dO9XmOiRIcTWL5RzW1vWAQUs8Xt-Z4FCTt-CiZoJrVWk_tqVPVv7ivBUdeZ5SaOl3pNnX648Fqa6MHqQxqx3b8rsNjpLfnwQn8UQNYM_Z5OZMGb7uo-W2NtbPQ1wRls1fsIwE5pvCVSLmCGwGD0qOZrXDMG5l3bm6C66yDZHdrlEsvDWFPswKPK3EM9nFfISNKEOIl94MOM1l75XyKnrhF2thqxIW_KfTMpKNOeJzhYAzBn7zpuLr-49INHhKq6ii81TSdO48EmWUv07wqoNI-cQaRv3NNHhOMT29_AUYMdbmfz4XGDmOmv14JQGE4XCOrTHHamqpFcSxCVLNGuvxNPkzE

Requested by

Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame F164 14 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126603
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A6A5 35 B
462 B 12ms
11ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEChdaF4j99eaN8cQNUqW_Jc&google_cver=1&google_push=AQvitUKiFud6c9Y2alePhvvvr3vndPffPZaf21joT4hPgCFfGbXydCHOfAe6usvjY-Odfmxs4uIm4GvYD-8OZ_K9BWO4kupyF1J8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame A6A5 0
16 B 54ms
53ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iyd42dR9IFhfaIJ95P4jogyLxx3sXz

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:59 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4503
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

19ms
14ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 01:26:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Mar-2021 02:26:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 01:26:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 01:26:59 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9692 14 KB
6 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126603
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A07C 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210318&jk=1167218669310016&bg=!dHeldzPNAAbUo7L91KM7ACkAdvg8WmfCo3vAB_-Shhus1V6lDkHL8SmpkXdMNA_G-uLoQBzEF9lo6AIAAALCUgAAACloAQcKAKM6bDLjjMCfZPvtwjinSum9qwM38rwmOZOACM15QO1PcT0lJFawmXnt8xuXC2Toh7Wls_JL-WvTaHKi5wNL3yH7TVDWDa6kHmbd-5MycOTo9Rtrso8ou1SQm5UJM2gCyLg4H2m_HzS16DNGqcb44-7NCqervfiLhw-WjPd6Ok_Ts0LYracm7esjfftz4GEK9Kijgmgcm7a0J-NnY3zyCF93btVhmQKA3hZ6hEl-d7GB51Ug68kcRQOLJ9WJ8_8Zj5qpytaKqNDWfC2auaMLPVE9Wjtg3xtZ26zXXny5YGgPfVJR528Dbh7ASrj6jYECXB94IYyA8qUbYaJ-aicKieSkUSpttJlW6m9DhBrOKFPqktJvLrzq2Y-mHcgAIvcsgxV5eD77O2HulGmVGm2EmQAP5Wg70Ki9FbYPLf22HGTvpn7VxYCudGRdjVfam3gAB83iFRfnK7jLCmOuFGwuYdSkq36mKJY33eB-NYmiH_AfdXcDTH1ShH6f38IlEtAk4-wLgYZ7A8psyJ22b2ya9Ouh9llOcVJwF3SBsxEjmXsIJ6FuG5DGfB_Jwi4aawX21Zceas_9qG_8C0NVfo5L7m0w_f-8_INSXaOFVxlsnn-Nu8FXcpTiykRydrnKM44J1rSLoSHnL1RQfJOY8D7q2TlkHS5rRqSSEm7rMKkBbG1XW_C3yx3hI87G4eljDTgRQ6CfAbTDnXDsifA_O7puwvQMgCfa3Ppj3jJzmk0HbCOE4KgZ9fAc9jY-I9DPMSejnCldRNH0LW1P7iZ-_bg2PF4QI5VI9m9oFBxDx_5d2ZXU7BuogiQxTfLVfyu42U9_rg7dcYvyQ0NbLKAPhbAgTRWF2MizGmI7rAl3m1pSD5N_uD6sZU3rF8NBzMOSCUcDbLhwGRNfRMyaewzqVQJ1_vook5OuI3Ry5OVnWZP2D5Hec1OP1ZBJ7azwAnN8hV7BURbUaRltT51ehtOVCfsTlk0PQKMlfgJljfidQdIo2Hxt1LMVWZTCWEeoeb2Oy2LVbf55fjYA2RciR8r2mwahWSfUGC2_7Q7YUWdfrZ4WuEYqS8vAhd6yXw

Requested by

Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E13E 0
23 B 43ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031601&jk=19137717402205&bg=!u7iluPzNAAbUo7L91KM7ACkAdvg8WnHlJZDmM-55YRobBG4FwJ6o5_4ENgA991U9PKlWiCcfllbwvgIAAAIoUgAAABBoAQcKAO-D5No1t4spNYn3_WCU4Ptl3Ykq7DWfJq2FO3xAoaLRuaUQLYoojPR6xFgyfwF8wuJ34Qmmxx32Rb20S_bRsKGG6qt585UhuDj9CBEI8HKHXp8OpU5HOyfSLtlencNPpKnYc66mn9VGqME3maxmDZ6jxD5-XmlsVNZpscxlT8iO9M5tpW3IulPT8xUsBbMwQPuvAqNDky33aTjEZaMfvZPsvD53OH4ah8QaCco9uH0k6kAQmSVV_vTyVGTGEfF8g1wF5Xgca1Tzop_xBJth5HaYPfT1pIxS8tGxh5vGYt9SZEtb-Z-gttg-z22zpjC1MpkCcTTFzfvZlrYGFvoH1uIeQZP_B_lMziTFu0X4LP3TcvSLVQlFdIS7q6Z-oWxCwWIxVNyOnygQiovL2Maf4-2_8z4eNRy-STkK8Ua3C_WCIfpjxrrh7-MOYto1DdwR_tPbc5-2sqFkvT7i7pA-s2YbuCyGl5lRBUCBSUQj4XYPaUxL9TSCwfp6XC7a5SQeRFbQK30InxF0BHItUZCK0Sz_8rjd1yFltagW4hFGJeEloOMx9H-iKlubZtX8wkJPCFON4yszJmWZ1M8Xval-T7wC_n-E8ZbGvYRBF7Eavseg3oa3hup_6W6LxRv_BuIJmQs40RZkfuiRw3Sw8dxpKBvRERADXxMQJiJNx_gqoPKN9PGkquC5S4RrZhMZyT-N7eSx5JkaoeWQyVFH4PFsw3zW7Z8SD8YiSi2n2pSqiDN2T1SDJgoSiJEdG2uEC58hhRzzBwMmNlhVKd09E1l6UdGrSNfk3UOfK6qIfApKTLyy9o9-tgT_Xkv5T29bh6QJWNREgTDF5tr4r0TfyisD-LaUDRkrfR_Ctct_AbziXonyihrcGIBEz7YPMIbsEvARnL_t_46xzLBHSfN2ekAUPBiEDAKllc_MzV6EwC_T1E_S7cDhRad_J0oixwOd_dRbU6XsVhHiLOgCU9MgUXqBTGnBorMIxBxWNu6JVNBjI7lKa0uEpOzIW5DDtP2JC8T8Nu-eiMOZ5GbODjtyIqRF8wmU64Y5yLR03o4cA8WLnHNEXM6CY2BJkju2G_D5cS8zKy6BfocSrizMnenyR4x7hR6Z_SckygA6a5JqYCqJ-j8GrSXpuGFfyXchW8I0myJMAUJ8jiE

Requested by

Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:26:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rs Show response
ad4m.at/ Frame 7121 1 KB
2 KB 18ms
18ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdf0f9f79328af0153431890c9eb2dc5eb5f778ed7d6f673fb206a9b45dfec36

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gankw8srq16c4q9pqc7gtfnwhe819shts9nvhzcmehhydhge5aw4xzhpjyz0h0btq48c5es18x69a7afjy6xvebe68xj1gh9z1mhn0kbbjjyfydedqmvf97rg7s6wyv740b2m71wn0qt8cfax9yta77q2p9wa9v26m7x4ds9r1mvjy6x1msa8mwrn4kfjzcaht30ew0fqnppghz68k99k7r20dm6dbwsekqqzjpw89rjn904aqhadxqv9584cft3tfcwqcb443fhycbt84wh3m0wdpxgh6qh1emth38xw0maz69f0gawa4zzf2zp08pa2dpwhv222dn4kyjsb3zv2j55r402ghxv0krsc1kmjb0tj25da4p1nrnwq8ej&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%26client%3Dca-pub-4126554779393986%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Mar 2021 01:27:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
x-backend-server: rs-rvz5
cf-request-id: 08fe4a4cd100004e44350cf000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HdTPAT2BX6WY5TU0WnOMWTeu4wnzAE%2BwLwvX%2FeAJKM%2FQT0Z%2FG6WBcgL%2FgNdh2mKPv%2F4T1CIDrBn%2BAvmSauM0XkAYxyB609k4S76eWh8IclFAxeTY"}],"max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 6343dff48ac74e44-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame E211 9 KB
4 KB 25ms
18ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5577d11e87111cf3fbc8b5999367bf81143ec07a9921380616ce876e73e2f049

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:00 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d0c3794f52bb7eecdb046629187db15f21616462820; expires=Thu, 22-Apr-21 01:27:00 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 08fe4a4cf000004e445e1d8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6343dff4bafb4e44-FRA
content-encoding: br

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.2/one-ad/ Frame E211 58 KB
7 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.2/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:00 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 381371
cf-polished: origSize=59219
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
cf-request-id: 08fe4a4d1300004e442290a000000001
cf-ray: 6343dff4eb314e44-FRA
expires: Tue, 23 Mar 2021 02:27:00 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame E211 18 KB
19 KB 32ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Tue, 23 Mar 2021 01:27:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 11585
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-Uz1baZR1Aog6W-IbtE2gZF3vlc3yagQ06VPnl5eap_LNwuNR3m2vFbyRqgJ19tB1GvamPI5JGNAtIyDSHY5LHw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
cf-request-id: 08fe4a4d2200004e444d8df000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RRVBQxThwxam9bNqEvD%2B%2Bz9qZ6duY%2BEbK6q0q8TUePIaR5ElhF4pjupjCui%2FSv%2F793nxslyFHMMbtJIFryP%2BsPjN8liTrTuv0AYMe%2FYs0edMU6UlMtD9HJAyHQ%3D%3D"}],"max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Wed, 24 Mar 2021 01:27:00 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6343dff50b4a4e44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame E211 2 KB
2 KB 30ms
16ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Tue, 23 Mar 2021 01:27:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 12713
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-Uyg-8EEmCw_FZWqXy1DjFCPrUZDc-jURet5x7tF0VlCNZH8IP9u5joVorM5CvgjlMRj1QpfLRcH4e3TpITaBBg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1598
cf-request-id: 08fe4a4d2200004e4414030000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w7GKFQ3vZccRtGeMfF1j9tWsi2DmizC%2FG9ZTRU4DJXq%2BsKdnq0vFqSsujgXJ2Nkz5YON7L1cKn4FSd4b2oBU%2BML6xQBWUUp8Z0fcTfNgVH%2FZzC1EXBgImtNnuA%3D%3D"}],"max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Wed, 24 Mar 2021 01:27:00 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 6343dff50b494e44-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E211 43 B
703 B 199ms
84ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:00 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame E211 38 KB
39 KB 31ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 23 Mar 2021 01:27:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10298
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-Uzxdcei8xD6Oo3EN_8f0LF4lE1e4w7aBmBeAQRZaTISPSUqPg_KNL9WnLaXXLnKGXBpdJqDmYJ-hrtT9AeMlWs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39202
cf-request-id: 08fe4a4d2300004e441b110000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p3t9cLUoLyhkHHxlxQLi40plKJQI29XQMBTuRvY1Hoe84Ia7Mp1gFTOztSYas%2FaUFMh%2F%2BmLSrqJFAVbjsxUM7FlFroa9QQXN%2FoO7rqh0LPUVn0uIgoUsmznwOg%3D%3D"}],"max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 24 Mar 2021 01:27:00 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6343dff50b4e4e44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame E211 113 KB
113 KB 36ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 23 Mar 2021 01:27:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10715
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-Ux6Saqq2mJJkwerXOInfdpw_yFLq7vVGg3xmI9QNMlLwkQVPnLeIeqgj2soWmM1p2JBZbVnkW60nHR9YgTmdgg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115268
cf-request-id: 08fe4a4d2200004e4411b6e000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JTjhQi%2BoeGv1wqZFyzk%2BiRTwbZPkFESrGlwKeCGsZ%2BuXZvfoiNeJOsi9VUD42Va0OMMvbRwMDcShqc3UYnHFqa8zX7AsophiA%2ByslufRu%2FEoZqGAw9T%2BVv%2BEzw%3D%3D"}],"max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 24 Mar 2021 01:27:00 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6343dff50b4c4e44-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E211 43 B
704 B 200ms
81ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:00 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame E211 38 KB
39 KB 32ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Tue, 23 Mar 2021 01:27:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10447
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-UyKM7FqItnGG-e_E_Jh7DeQ1nuBzxaZklnDwCKQM86LcfSGy1Iaw8Qgi2QkD0WX39Jtudz2QwF-cIy8DR7eYfE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-request-id: 08fe4a4d2100004e443a968000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=suZcYlnH%2Bacux3hOYrH%2F6dGzAVpnzobDGW6BJN0UY7yuqVku7RNR5Kcb%2B8xfgMmE93smfMQnodqa8Pqj0Ih%2Bp7Q9DatWKqCkcFKs6L%2Bdr89irddoey5ci8du%2FQ%3D%3D"}],"max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Wed, 24 Mar 2021 01:27:00 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6343dff50b454e44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame E211 84 KB
84 KB 39ms
27ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Tue, 23 Mar 2021 01:27:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 841453
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UxhW6sKGL1c2jInPII1J935sSbSV0DB0T-8fgBRZsD5cCQGuK6UCWTsje9QOtexmnxRi37xZPi9M795fv_WpSbNUyAf7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85604
cf-request-id: 08fe4a4d2300004e4441bc2000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T1dL6DOmK%2FeqnoX5lY4DYrG%2B5az9Oijpy6ElnhlSFDw8eD1afrb6J1ztyvsq%2BCzIF4tvhE5YQCL9UFL5cvEw1lPu6ZNqwc1MhfycsVGIsHNblIhstuaZkVSMXw%3D%3D"}],"max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Wed, 24 Mar 2021 01:27:00 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6343dff50b4f4e44-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame E211 12 KB
12 KB 377ms
144ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 45e2bac374d050713efc573cd686a69ec56839653b67580fb11640992bb60ec1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:00 GMT
Last-Modified: Tue, 23 Mar 2021 01:27:00 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E211 59 KB
60 KB 284ms
134ms Script
application/javascript 13.226.155.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-106.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9af867bc9375cd71edd46561c1bca358106a688494a72becb5125e41cf5bee94

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 03:49:11 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 79438
etag: "18c1dfef830d61a2df6f2a6ba04e9d17"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 60911
x-amz-cf-id: yszaahOdsbS1qDghWQKV4niphI2mwEP5by0OWgWN_i5B-pdnPw6OdA==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame E211 79 B
374 B 270ms
76ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCVZXnN9.c.VKpJJg7Q_i.uJtHoqvynx9MsFyxYM914Ve_clrKAU.0Y.KI1I_8DK1civpEpHjm6l7pp0iJ3A0KFgBFY5BNlr95xU..Dvh&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221616462820%22%2C%22%22%2C%22%22%2C%22%22%2C%221771982820%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=11564b2b7c115b40316bfb3cc21d5011&userIP=194.99.105.99&doAffectv=1&wgtime=1616462820
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 Mar 2021 01:27:01 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame E211 85 KB
85 KB 192ms
69ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidwxVwHdfjfEQMhEHRH2tXt41MTYt9tVwoneid__morgenpost_advancedad_160x600&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=6090ff3e20d3286a1c6915266be1bed8%2F7511384783185288419&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21fstsnx5fy1tda1d5a4z37erk414dx807nctgbzy31x594x7978xmhzbkzxg52pb7ze2srcnrqxt7d6sn04nthtjt58mvecm00v2zc5h51czevp56sv2gt8zbvzp1q8bxy7b0wk5z2qb1neq67tdyy8snphygpy0ahw1ds0ncqbxav1eq0xzdp0wmvgw5466fqd7v6zkeg7jj6k82tkeabm9ywe9s14gcje2dvpyjgyaw3z8b7ppe79jt28g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCze934UNZYKLNB7WkrATEt67gCZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTQxMjY1NTQ3NzkzOTM5ODagAcKu6N0DyAEJqQIpt1B77gi0PqgDAaoErwFP0CCl8ppSzvFbL1EPTHrjq588o3gv1n1L1UjkyhHE2d6hU-e14OVNhU1gpkihD2pL1JTg-A23kKZE4VBdcy_N1L4cph1Vt3XamTbkzFa6Qy2KbRNxRbDP77XHMq8e4oRO83B6b_ePM2KgohfC_sJ4R1y8HO8YzXdVt4daWuijPktRYbzOwuqfZFo-vMEWDvmOY44cmyVSQaXJ1mZvBAXpcpvtbf5yUkGwdjd8VewjgAbi5cCmlaHF63agBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3r1GvX7DDYKNlc7ZJKoYWgplbQ_w%2526client%253Dca-pub-4126554779393986%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:01 GMT
Last-Modified: Tue, 23 Mar 2021 01:27:01 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame E211 63 B
270 B 307ms
79ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCVZXnN9.c.VKpJJ7OQ_i.uJtHoqvynx9MsFyxYM914Ve_clrCU.0Y.KI1I_8DK1civpEpHjm6l7pp0iJ3A0KFgBFY5BNlr95xU..Dh2
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 Mar 2021 01:27:01 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 240ms
62ms Preflight 63.35.73.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 63.35.73.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-73-190.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 23 Mar 2021 01:27:03 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E211 16 B
232 B 99ms
99ms Fetch
application/json 63.35.73.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.73.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-73-190.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Mar 2021 01:27:03 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame E211 44 KB
45 KB 82ms
68ms Script
application/javascript 13.226.155.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-106.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 05:53:10 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 70433
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: aZBS6iczonLZOJuWERH-Lr1B0RKBGVw1l8qodk2dfcAZEbFArPfG1Q==

GET
H2 200 tag Show response
w-it.m-t.io/ Frame E211 18 B
205 B 76ms
27ms Script
application/javascript 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1616462822930
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:02 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 2936059e0c13aaf28cd6f986e7662c29
cache-control: private
content-length: 38

GET
H2 200 track Show response
w-it.m-t.io/ Frame E211 0
75 B 29ms
28ms Script
application/javascript 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16164628209273_94995a9d29&programId=12607&expiry=1771982820&acc=wg&scriptTag=&type=postview&indicator=c0c7d1b68827e5744bf982207900ed06&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: ce7608e4af786a090328c04f73927c9d
server: Google Frontend
date: Tue, 23 Mar 2021 01:27:03 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/33501131/ 0
400 B 58ms
57ms Script
application/x-javascript 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/33501131/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Fri, 26 Mar 2021 01:27:14 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a40f26f51ea3b985d37de2bafc7ffc204e23cd62ca128ac4bf543e86c1be910e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6561
x-xss-protection: 0

GET
H/1.1 200
OK blackdot.gif
www.moneydj.com/kmdj/images/ 810 B
1 KB 251ms
251ms Image
image/gif 210.66.210.14
SEEDNET Digital U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneydj.com/kmdj/images/blackdot.gif
Requested by: Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/modal.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS: h14-210-66-210.seed.net.tw
Software: /
Resource Hash: 998b04d1f8062fc795d6fa00f1fc7d4f4c3162862c4787d39f4f09dd6eebe541

Request headers

Referer: https://www.moneydj.com/kmdj/App_Themes/Gold/modal.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:13 GMT
Cache-Control: max-age=604800
Last-Modified: Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges: bytes
Content-Length: 810
Content-Type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:14 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2A66 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.moneydj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.moneydj.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A66 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 14:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 126618
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:16:56 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 44ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031601&jk=77596448530770&bg=!kJOlk9fNAAbUo7L91KM7ACkAdvg8WqbwAH7sdOaxav7a4ZlYAsekE2kwQ0Qzc-reQ4chxzgHJKDFAQIAAACvUgAAABdoAQcKAcj-wgI_QcRVYEh1iSVD_AcD2pYZFqCcP5zgeJiiTAx2Xvqcu_y-3kL8QJkAUsMC6yx3awZxzO3Gm-1rSVMxf86-niEckQh5QidO8X5k8SsP6Zw4Ujd7qJrW2KtD-xF5Euzt-6j554v1bOvqO7Y6eGfxxG0oOIVpENDms4GP0yKqMD7X2cWC_hviXKTyuEu1cAv0CzcsWEKshUJC4dIYIVZIskfK6tjzzRKsvkzJ5UAkBwp1CV8Chiidf9u5SjFSDh_3RTMeEXjxFPQsnM2mS0UfFp1RVqolhfx7wfd62Pzej5VZX5wfZmd5r9VSNOcjyLewQ7y7jMcuE1VznDcMG9AA9qPwROH4kA8ItzWRHQGoU5upHdZCu5qekjmr2H0Nb4iKm0YqTpyIE7VT_RdGeuhQXSo_qjDrryv3XTeGdIrrYE2MXIsrc2UF56vJZm9GPO2BSOUVgEn2KX1WnI7eT4_CaOA_mO5Yh7i6DAHBDtZSYG9BLBqYRV2bcRKixqf7uwCQgy98c4kG8KvutARPO5Qqrwu1GAaXEhNF0B5xe404dLyw3aEENJ-O7DbxsFL9ZVyiYCiIycB-AWc_DylVEBbqVY5FGYdmvWyZAcyJwlIYkX0SJd4sZ-Pam5gMvdmkFtSHMpyXbggBMUo0SS7CIbUkIff3MvD_7NrAciAYTOac7LO7-eBKhk0dKJ39lakCiDs_PKXQZMpe2RYkhoTdb_dvLbONXD8HSe6x4QC6_Hcy7DxKnRtZlBsCX_Sq8ApjkTrFNRdAoeu6s32F2gMkArO79fcKwjiVCUAYtq3ravsuKZPc0urBroaK-gHYxGB5k_IIEOQWFelrJlnf9MH-HcmtsNyBfKWaL5xb3kmsEQZAfdbZo2_WexWxmhKmW-ycOwDkVR1wcszMU7vTOak6ZcT7zk3FCrzM4sjup1v6xFfnuSPqcBwjI0DmwWdiNsgwfaNrQ3GGZ8x34APDto9QlkvjitDcver2bRr049wEUjlLqEC_7gsjmrsUsLC0Qbc4haEzGGYTpzIH0bo_wkM8juEPgw4MFC9Q4uzFYxsS1RDa8P1natD_Qdct0rKmKFiKEqkgJxMhW7K1TPMAtIJMGw5029ZlIc7Zl1JlNQSu0lPA_RQM8NQ5l8efdDp3TGvzKnVdeu86IfN4A9K_O64C6Xq7CODHDrUPrMWbS_CjTTcYLlu5pLYa4FuAIo_nR77SWRIWzqibUZno

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moneydj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Verdicts & Comments Add Verdict or Comment

360 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.moneydj.com/KMDJ/js/viewcount.js(Line 13) Message: [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06d947f1240b16d180ec63c4e9605136.safeframe.googlesyndication.com
4b0e84978fa64aaf74f56cbb451df554.safeframe.googlesyndication.com
6719f1d8879a49df4718784be35d45f9.safeframe.googlesyndication.com
6ef3adf48945da9d38685059fefba4a5.safeframe.googlesyndication.com
82b6c065a3211eefc7d2b0e048c2ac68.safeframe.googlesyndication.com
ad.holmesmind.com
ad2.apx.appier.net
ad4m.at
ad4mat.net
adcdn.holmesmind.com
ads.aralego.com
adservice.google.com
adservice.google.de
adservice.google.pl
adx.c.appier.net
adx.doublemax.net
ag.innovid.com
agent.aralego.com
analytics-wg.webgains.io
analytics.webgains.io
api.popin.cc
api.webgains.io
apis.google.com
apn.c.appier.net
as.ad4m.at
as.innity.com
assets.ad4m.at
banner-cfnetwork.cdn.hinet.net
bidder.criteo.com
c.holmesmind.com
ccm.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.innity.net
cdn.mxpnl.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
diapi.webgains.com
e.dlx.addthis.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
image6.pubmatic.com
imageaws.popin.cc
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
m.holmesmind.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prebid-asia.creativecdn.com
prod-rtb.ad4mat.net
proxy-bid.holmesmind.com
r.popin.cc
rtb.openx.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
tpc.googlesyndication.com
track.webgains.com
tw.popin.cc
w-it.m-t.io
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.moneydj.com
ad2.apx.appier.net
103.132.192.30
119.63.198.143
119.63.198.172
119.63.198.180
119.63.198.188
119.63.198.189
13.226.155.106
13.226.155.36
13.226.155.67
13.32.21.111
142.250.185.194
142.250.186.162
142.250.186.34
149.129.240.178
162.210.196.208
172.104.64.149
178.250.2.131
184.25.115.49
185.64.190.78
192.229.233.139
192.96.200.41
210.66.210.14
23.218.208.246
2600:1901:0:76b9::
2600:1901:0:bc29::
2600:9000:211e:e000:3:1794:2540:93a1
2606:4700:20::681a:567
2606:4700:20::ac43:4a81
2606:4700:3032::6815:57ae
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:801::200a
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2013
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::2006
2a00:1450:4001:828::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c08::9a
2a02:2638:1::3
2a02:2638::1c
2a02:6ea0:c700::1
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8102:73b:46ad:270f:ab37
3.113.254.193
3.114.172.73
3.229.28.141
34.95.67.231
34.96.118.241
34.96.119.68
35.186.253.211
35.201.76.93
35.227.249.156
46.236.13.147
54.149.211.134
61.221.82.13
63.35.73.190
69.173.144.165
81.29.72.47
92.123.148.9
95.101.178.219
0282e0f6178e8571e579219591a7da1e44e728b89cbbc636cc076381cbf9e806
02f9034cff464e03ba97fe312938f73faa6f0f20f63a380d597be280c8b5b450
056ae0c995e2cb4118407bff91ed2a1365bd563f52b8806ae70ce8d4ce1e7971
063f986cbacca9fd13b5f9f186d871d11658509fae78bf80a6ffc50f98ad09f5
076472ea8067fa993c2490404e69e789752236802b85f710541883bce737aeab
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
07ea18cc47c1d37aa2fd7214af4f5387d84f92126fcccb5804d9100350055f7b
086670ac835cb1d6bf72c32a0146baf54f11ba8fd5ef0a2eb77317d9139f5f59
09f2e86814746e389510ec887015b95e6267a82ad90eeff9f7d58f05f220021f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbe6c00bc9231cc9c2b0709c753f0b10df1a976b8b96e819c84dfdaf734d659
0ce8d906856c74a79a728b8d352992c6eb0e39764d3b683036f1f91c9d3455de
0e2d9f743a90363bd9f75fcbe6ebebc01a62fcee838251cadb23e60b9f66b524
0e8498b114af094c83453b48310a479f069c13ad7381e6944580a2f1da474f89
0ede3636887fdaf3792ed735161785a306aad376a42a212f0e69abe8e192a5f6
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
106c04904b570c07db36ece67fd06343462f684f7335ba4079b11a1d7238adcf
10890767f8451d896ff77a8156ef0650a5a7f83304e086c8907f9f5c7331445a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12461085080328de26fc0cdf598d16e1bd5ee9c6e16b7fe6b88d24a0876f25c7
125335bf6e725340c2f8043971bf13d8206d848d65669e96c6de736104ac3ae5
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1aeceef378724433f1a66549d593a39a79cf997c78cbde925187be550d58ee68
1b1538ae50fd4837b2d666c53c2001e9d17900be96afe29ad6e0959be25e7406
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d4f6e8496ceeb03a651b50e48e62aaec6074c8c9c4f4ff7a6cab2f728400e21
1dd696049e5ebd6762885baf79f00cea66748561c907422cdf7bc26aa164e4bb
203053ec63eacb1c5bf88ded535e2051bda04569ef926e19647cf2bfd9b0ca69
20bcafc14695138a78b87b2ad80fd92dd39d9973af5cc37a7b1bb01b670d6784
21fd600f77fa9cdcdf0342229cd39d622a88337ede6a780577454c0d5a7f6df4
2221258151c74d7b31ce133e4a84ffc81569f3282aec1137560de34a0f7b3881
22a3b24ffae61de035e980f880569ae085f732bde05715192e963bfae2be2c8a
232e47c1199ade628e6ab88540abca7c1789da3e79f1788b9a6a6448384df52d
24399d873a36277f26e7c16717a2bffc2b1b114e8f5ba7d3e005974843549b49
24af08111a4eaa7af9b691d2b36e4c2bf2290edba765e02151da03ab7b88c0c3
250f32725adf2a833d48acc424fe3708dbc5696eea167652f7e4d76c7159dcd1
255deb0b3798d26eb99ec5608892f4906336a91397aa91f7bf1ad49e6d4ea401
267d3023a0ce2ebe1c367a12b5507e4c1ab237d995895204203bb50b274b762e
2718d43e3dd253a6a4a2997e5f4ee6b3eb8bcd4581453ac3a70b2858f6af2b25
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2796282cad6bdbc63c7704e9ff416cf31e1264c3ed58ec9b2d36ea243f2cb612
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
29a62763b48df560d4b33c050fda21af12b028e2862fd3343a66518742e4fe18
2b87c3a88a9e0434eecab706237d91f41359b555a4f8d48624f3664ce7923b2d
2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c
2c2744fe747215e6a27c0eddb2b548eba36d35c5baa0a8b856ccf56a5c31d2ec
2c8b37d814f6f66fbd36a7e1e2aff7acf9c0275d024cde9c18e717c6d1ddecdd
2d5908dd7471e235f10948142642080bb619ba460376d32659788a0a7c3f6411
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e27421fef03ae533242b5a35b3a198994db9dc580ed6c5a8977614eba50ee37
2e73791f77b96b34a35920a22df77abfa664441d46662dcb8a806e3a5822874d
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2eebf35211143c8364122917c63490e1f22a4ca895a8e50e1f3ab840943cbcec
2f1df89591ec8f48a6dc4ba04688bd9d09d28dc9e49de12ccd40f4627515772c
2fbf1f595af3f8a68f3797cebeae7bc66dc1b20da23a1f7ba04d80a07b7dc071
3032fff752875a5501df39b2e1e7c12e2bf05e0e71cd6d73d52b0ff22f746ca5
30ae3a086a91c3252a3a9af0764e1f47a838ebb45e8b019baf04edc4606e347a
30c7838ad532a87c087f43172712eb4e3a993b19433a0660ea6f630e243c6af4
36fd029b3bafd141fb21f2c4fb4a832aa48f599e97dd83f9496422f9dd812658
37ed55c7f527462034f604fd9e09aa48d3284f5042c97cba1712f6afd086cb7d
382e1a876661922e69d8951e38e35ea73b315da22e0bea963af49f4ec39de9e0
38d90211619a4572e2b5d01f2804f3d7d5143bd95d3a77520233389273d18216
3940065d52f8b53136b319b9a420063253dcece16b6b6e7ea9367595ae655b54
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3e2d8bd268c51f92869bef967e15d31044c9831dd02d0274b864fb79ab00effc
3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
40a4a55cdeeaeb24d5022f530e18b5d13581db824dd03c95b4454b8493663335
41de6ebbe9653813f28709c8ad60193f319a568c04c71198b8dd9ddd4ca125ba
427e11d955882661532a89071884788f31a54cea94684063829a518410aca62f
42e7f2776ebf7c6c73a377024b08dec8fc358251838587b12fa601c131b802bb
43692c5a3e7607f39ac1b09181612cdc6cdcb2081a4ddce99bfc524cc12b3036
451bdfe706227fcfc5f5a6891807cf5d28031230e331f7a642ab47e50289748c
45e2bac374d050713efc573cd686a69ec56839653b67580fb11640992bb60ec1
4608ce05feace4b1b636463e65188e56c7b30b5ca261a70a3a567e9880f16ce6
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46b665aec587754215aca2c2e84218bef73ed2bb059fed084caef1df300a0008
47cca155305638f12c5e191dc08aeb4253b62263fab7f3ac49bdc3002dc661e0
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
4889e841a6e60260687d67cdc9651c20c8535c65c768bc85d2d783553cb640ea
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
49d6261225985a4f22a17dc8adc20e6385d26af45ed6ca9c847d31fbaa26259d
49fc04b260ac1a7702d64ed979d7173a9447a5952b942f3cbe74f363a0569c56
4a2de800c8ce8bc4c36952d1c806996a5093d6426003d8e9c6e9b05248eecaa5
4babe7b03c861ffd20b3cb0bc4f83a6fd404ff3360090f8033db4f7ea393a91e
4bd40758f4ea07ce84f9faec3e5b88429309b006082e16d2ab938e861ac49bde
4c7afbc506de51bb5152d39249dfb8adfd2f7123b04eef5083afc0698ca984b7
4c7fe2001d62d70e5f063d0647d11623cc12d9348d5c1e5b26cce348887eea38
4d923d819ca2ff5b300761f494357861e57fa2f1ce9a9e1597147196887452ee
4da3a779e79e6432ea996cd1a064704d26fe43421305b7795b87d21d3931a58d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9a675dee82711233e9dd72e7295c7ac479322aed1d8463c2b1108247eed6f3
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
4f352d28d3fe7b60091e674db1af430d3aa787e74671affdc2cdde1e7147458d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f701c8e493fd002989ba115390670a61df85ada43fcd5828bbd2bf4f5b5ee66
4f8d5d6563606872d6cbdc638433e74c6412748eb7ae3e47be20fe9e9f2f55b9
50eff3da787d341e9ccccca301bf605c62848b78ade155c8a2b3dce48b6e2c64
50fce31106159bb540600c34d2f3546b3c3ae05d885c619d0705e617db5c3a2f
52ca43c7ddac4c3c8d0a803f2bebceae02d3243b34fbcabc640906a4fa04ab19
53b1e4b6799aa648960345ee40c4824edf0aa9f253c3cdfc6b4ddb3251f9c071
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b85078e8213f91293b00f73111d5446826454d1d755339086be35238c019b6
54bcf08b9844662dfb48c7036931003dcbcf7d7fa349ac51b017423b78f0e5a0
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55692d2418e221e86567313b9a2f6965944b2a0ee6051e2aa24078fa8abbd489
5577d11e87111cf3fbc8b5999367bf81143ec07a9921380616ce876e73e2f049
572e29bba4425be2b621a357ce43f5388bbc52f4e23ce145cc71a530ccc8ae7a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57d0627e1aae9f74ebe4f63ab1eef5aba18b768ded1ffdc9073f882a7966d38d
57f3a43ca0b1ac17802723d243fc1d1d98aba942f552bfd3f32fd23d361b9690
585ab22137ac81dbfcc514aaea6f01028cc9413ae319a4c88d3aa535765c269b
58962d431eb1adc153daba12e93b41144f8165596c83e5fc24587ce4408e99db
59854ee4432822a79f8bc0cff6bc08b316899acce0df8f97ace44bab2c686035
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
5a9bfe967551d09c00ee79e6717622b899f54d67c99057308bbc4f320c991f40
5c53384eb57611a57a6136766a39fc6deb5da74db2bcc95629cea73f9d87abca
5c69c084a448c3a9bf38acccb3b13de079aa5d06202aec2659a1a0e19d4e43f1
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678
6106f69094ce902b385e9336f20332ae2df888d53bbc3b1da6c3ab5bbb87d634
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
65cb276688e651b73730817cf765a5ff0dcf7e6d4bfde56a300049a80bb531dc
66d1325c8c80043fe112b0b8006a599e2d318a9f8088ef92863cd6d7bec92e2d
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
678ce45478f188e2c37f414d0b1d92946f4aca2ac58666dd051edf06f2808fb4
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68ba33e806390a8790df5bc803931920314aafe3493f90765424fb2e7c2c5a9c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b292d95c6c9dbd48c715d5b8ed918340ee72afe6275f374ed457977600365d7
6e31dd0b786fd91dc338ad47d525a36b9fddc0bedf7fe2245b9ac16aa76c9b5a
6eacd45feb8c4bee62bdd883b0dc3a58e2593aef5d5d6e24004aadfd04b0bcd0
6ebfc4a255941a51a405c59b3d532ae0afe9cdec2591374ac1ea80d553f5594b
6f5e68d657e2cc42be1e24fe36eabb7bbe7c742ea7259f3abd9190da2e87ad8d
70cbac26b21869bad05af441aae8033f8eb59131dcdc9d4115676a30e4ca947a
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
7504fb913bc861daaa4fc3add3e454f2eaa4f85d349f2c08bb070d09f61d27d3
76135fa1e4413cf5a33b6fdb90efda14b4bbcd8ceb591009e8476c5920c60de3
76159081594b856452bd30f7a7611819904ae6b4071699100f42826c7fa34979
774f520ae45df6655ffab3f2f3680a9bd32ffbd9283e4b32893e0d03a383e80a
78bd525dc317d47424279fbc7165201537c4bfe4c94c7f7c209a0685b6af281f
79a002b68c2f4e69aad0de6feb75b5cddaf84924b336954e782c68cd5cea0130
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a3403bc89fd64b8ac73a2b7da6d99ca1fde1f5fafe1cb6da5dfb8c5a0cc5f6
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7aa0cbcb88af656c2d1c38409d4e76618fdef545d6612cf9689ff688fa7f5525
7dd6350825500b6c6cd37e595e90cfbde94471edb412b60765d86b1e238aa6c8
7e9771aafa927d70fd735020afc98f1aa2c2167f206f43352b6d721d70a856d9
7f7d7878c6c7e664cc9e002ea8cd6fae8b44a61ed6604567c8cc578cc4e32d0c
7fcd4f15c4140d7415b9fe3a9d82595a7ead612ad6b92b9b240b1678e1b02090
804769fbfb50dace86f322216f4534effc8ca9edc3009110e240e483a779b7a5
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
82e5ebc351f6276bbccffab66acdbd6f412d4d151b4efe2141235e78c1d28137
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8452a1cc15705046dd0d5f5b62b74bd212f9440ebdd8c150127815a192e0405a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
8536b5e98da7156d3c79f37ff3cd76d7f793e63b1f8675253643fb78a0056c5f
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
860406da40dabcde2a28290ae1bd4042efba6fa45e0f6e6c81c0424f8f872418
86261953c1068a5868e785e5ad1883d11387c122d573d16fc6ea4f39ae69ebd7
866d05babdc7032997ec92debbd92c5aec502b32b4647009837f6a4830a01852
879a086bdc28d12fcb578a7eec6e27553a62c049d51577f3e8633246cee08627
885a374c21799d6813bf8d2b27368e738108e39de6ad14004d330d0315f4cf2f
888b1cb2edcdc8d5aef1363603bbf182852d792cbdead4c2ab3eecc38bacc686
8957e2ee20b6aabb9a9350f35fc95f8f0f88cd29651d1ef9e0ac624db0476ca8
8989d049c6d96ef8534368983923e2527f3b899310d6c623e23142823d24ea82
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b0fac12f6bbb9ca9347f6ae2b57877decace3c9a4502a4366cd344381c443ca
8ca234757c842f50ca3a153e5ff4b8a525c7ef84584898f66d8cddb14efd2df9
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9095791fc7dbea3f0c0125a66b776dc5d85a06304a79abddc878ebd9699cbde6
911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376
9139cc5cfdbdc0aaddafbf5e325198286e32661a8788da905ea377a3f41bb621
915852e0927e016c97825306f47b4e7cc7450fb87de9ae737ed10bdfa63b00bd
92c0f743e3d9afb784030430b40599fbf3ed8a6c1520a6ec69f08ea178912f7f
93145f73267d49fb0755c373ac2ce47a9e39866da0bf529443810b769d8d6b68
93fd5cf7668e550f4d6a26848d9de01d1f020c3b15829328184a6f40cb162a45
944d1e92f6e61d1a25bc4387a3ee70b9f238582824c011d6a27dd2a98d5c2c29
948b25f25c8c51f39f38aa13a377e3178b6402d8924deece0bdaab039e9ebe64
96df509716909d34da46ba6cb3070b1c2728ab80696b33c5b3b8e1de5c39aab9
977df4ca4b77ce828d0a72a98504e2d5031106a464a8694ddbd34bbbdb3c8e8c
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
995d427ec85c79854c6f408d7b2cb2faf141d5056775a2122f6c999827cbbdf0
998b04d1f8062fc795d6fa00f1fc7d4f4c3162862c4787d39f4f09dd6eebe541
99d354be528372d292b260e77a7b1512c3b4d982b4b6e3b029f12b655c601ac5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af867bc9375cd71edd46561c1bca358106a688494a72becb5125e41cf5bee94
9bb36d1ec58f42e7a5359aa8a20bf228ee07ef0cfd2466682aa1e238f9627cc8
9c975e6d48676798bdc22a92d89aaf3f0a98dc764fe66a7f43dda0dea3389c33
9d1e7cd507f100a1f1322846a870f5033fb847fcaf1fc5f4892f5ca573c34ee4
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a04ff2c6ab7ad41629063483eb23a5edad226bc9529668faecfb162d63bfcb9f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5
a3e992b28060b1a3fdb2c53d8ad146f5e557fe73c88d2b789fcaf1b80502f80d
a3e9d2369ca510e580bfc0a4fbc80c65cb11f0b192e1361a0b16f2760006d459
a3f48be6d3c929af9966829354505a4f6cc12c19b7fa31b55f18107088b2aaef
a40f26f51ea3b985d37de2bafc7ffc204e23cd62ca128ac4bf543e86c1be910e
a47fd1b0ca47ceb21d1e335d9f4438cdd7c8c11276acd79057ca14a2d4f56d09
a49f3a596465ec35441ddef2884e107916aab09d37dedcd36d785a4e313c0043
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6a4e57155cac27dada03504ce8a6cf26c9820535cc633427c6dbe95b117bd6f
a75cee02f6ac08018e9e989531414f8e2797f671779d05d938487b851b607530
a8c8db0a0ade631142fb7f804bbdde1c08e541ac9eec90c981e1c324c323cc17
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab5a12172c767b9102da6612a1e9220a55a008c30d463ebbda2d9880cb775ca4
ac5b62e1eede76e411958a7768e2b6e18dd5b07968bd8e5eda42e73d81623ed8
adb104594eee1698de436d0c4528dde7b292ccb88c20a93cdfcc4d3f08fca8cc
af968225577f4253077638acb0a9f8becdddd22e1220cc18ad402fe77bab8a51
b014f174a464163b111888cd2f6b6778d2f02046bc5bc54db7dbba87e6db1b7f
b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b170decb3a6efd8bffdddabafd49423d113065921ef7e4e9ea6072ecac4b6db0
b1d4c3a337686c06292a38e20dcdbec4ba9fd2cb2f38c8c2ccf23227f074387f
b23267afa1d707f5a280500d8cddc8df14810f33dee697ff83c4484a54c457ea
b308975aadeba3f6ab3008fc1a6b6199b713ebccb5db1161693ed29a0b7b5f49
b507e7b2bedbfde5243a084b804bddc4826f8417aa91787f4aee4d1d2f2401fe
b75789d6c7d14d9c6373ebe3c8327f6752852e67b20cafde2ec233364a2c4675
b86a1909d262f05aff9803d767f9bb9832b1ecb64de5be51dd83f6f4bb492092
b8b38e753079ac4a8a64eb3d7b85ddb880bf389c180b505a2d8107cc141a22c8
ba705512917e5f4d7046601a2bddef6f96d85999f518695b9c55d620bddf3791
bb638ebd326924a67dc0aebc00695741061868d66b37706bcb20698629d5ae54
bc5b088711905cc44afcf733a89dfaa64385a22a05f267547982dfb801fb7cf5
bc8904cf494c040131cf5c61ed0ee8b3af200a356ea113a3e54a4d7c798159d3
bd3ebad2b90063e21cc7bd25cbc739f078bdb482d77b8cbe775579bdf0ad60ad
bd654d0906e326981b8d8d1ca2d08aad3637ece23794abb9316dae7280dd1c3b
be5e1bb54a9c2bc90c59bbb19dc9a43b3dc1e666f7bb0594c1f3939783c2d5f0
bf093b5c9a429e67bd8773c582377500eb7bef4cd2393cd35fec84f762d34f2e
bf863f2e32ddbb22f724ba98db0e898773e13b9ae6fefc8e185c6049b86e1e71
bf9fc023ec6b3b8c22ce8ef08b7514527360ae5f75578bdeded5d4b420dd773f
c2502aaf14c8613f3710775541bc71b11a82a334fba5392b5361e3b2341bf8b3
c34b0663277ff5ae4c924e3e7f7ef2f44cd306f82196972abf0f5b43060cf084
c3d57d470fc761d3a241b4389a041509526fd9821cb724cfed0eda882f452f4b
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c7883989b93490848688b646cdd92efc0278ca864eb458b8c723b6b6aa340446
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c80da8eb6e9150d66697643e8d59db022fd32060461f75d428bf63687c5b38de
c83806ab124918e7d513b5c1688eb33e72eb5123bfebf94c7351d9b96efda642
c8748716913d8745598f8d951fb16ff416f609c3f80675b33616499eb5f21ac1
c8e74b60a68fe6dfaa44e5ec7924fc3852d42c8f12b4107da837a9ad5e99655d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caf206e622ee52d8593e9086cceb2d7c47d6b6a836f43330d88441bf18abd9c5
cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3
cf08bccfda54119a685d055d8507ec870587c4923022cad5f8ff9e0f06aa989f
cf45de7001e972de07f1467c916648af3011c3f8fef529995136b311d3e07ccc
cf672a4444d11394569fe2dadc82a3ea26b6c1570d247211920d4a3a1c8cb42d
d078224b4409d3443f851562e6707e68e258f7c32159f7c3e917eaf8e9e87bac
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d30b242c84812794bcaf014ddb4a84d9147aa6009df4fc36a4ad78672f6bb384
d3fc910b540884904c0bcff2ef8765666803612e940a6f900761d43a11defa00
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5a613351fa46e6d77037554392d719b982cec3fef3598b7f890561ad4bbea8d
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d660da8b95850d124ee0837d7b29b2ae5a5faa9b154c57c9e080b464e8d2b266
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d66b7cdd626243fb785049bc4c3861d28e53b9317863ac1d5d2eb6b0fc0849f0
d6e530c426e1f8a9fcd59adaad82922ea478b41fd8e1f714ce316b4200247cc9
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7e1cc49f3a841fb7006c3703b0a953fe3a1774d498a3b9fcd641f723fe5df66
d8d63c4af4bac69242b78473a8bf1ddf615cfeaa81c4dccdf042e53ec7250a59
d8da4fc00e7d4ab411ce2d5d205f709cbd4935be6e8f50e897d45ff9e60de503
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da6a8908492a3dc418066424dd0b88e44731cb73d15fbbaa7a43144160e66370
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dc1076e79e582da826b2ee013367f7cc8d9b2fcd9c54142952bb5810266bef63
dc69cbb04dd6ae64f63a71acdf08c28fc15eaec9204e4b09aec68812572e0707
dcdb1511f464f43be7db140d12b276a1818fe7bb5058957ea269e04720d670ae
dd8c996b797bfc657ffc8c52cc01c8f1a6b20a7867a157203e55fe2cc2587ed7
ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00b504aa169ae611abc550b7f609a2be2d0427d8d3029e0c27a94f33fc6874b
e067882e629cf5bd5405d59a555081b6fbf77f74290023119a27011b72119089
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e31e8a7e8ba1be78d49ed84ccedc82d092b10669b67a5a34058ac7611f4c2481
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51c94a436ad04dbd2f2295c65c1c138404500bd4408e290bcba7409a0fb9218
e55db04564069cf9e13c156b85c783ba19ead2ec7614592bbf72c1694ece07d9
e61641df53d13dc883a7586f4a43b24545aef0c2d414ac7aaa90159605bc3413
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e8a74579fb64e402c0bf5ff5ab4c91a522f812ce8c082588e95e08d21eecc45b
e996784cacd24396160deff0366e192d503bab24c17c28b9692b087e2fb7ce5b
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
eb669c0dfc3977a0ed33c42d4ccee3b3e2b0c65a030f0308648068b1d1f91edf
ec4fb247cdece26f52a88d2ece2fad744bf82514515b807b87cc50138c28e0e0
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee4ef97cf8f4e82c63b21fcf72f4c61dff872ce3a5d01fa38607ca7222ccbe87
ee6c0bdc558915efed566a44df847b8078928141d6c6d68fb272637f12177bff
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3e9b463af56b1e81e56d5a7da0fe840b1ed804c2c6fc931c88f8bec7a72fcf
f0015a26cb1616a2e41df4f5ef015d54bd1ba0f1d30fcd73f3d2e534e203c7df
f0f9d12ccb4d71455e76a3f7a47dbf3874b4e96c54219d7c3756affcc40d770f
f1213c28b8e253c06dfd16c545ddc2372579bc61fd5fc3922eead0e9c28e4777
f1c4b0c685e07c923b70f28bacce7a2aa9894beb4e96bbc373401bad66419495
f21a824d68a45b591aa88d898736127554a74ac5edef82a6e403e737c8a3e77e
f36851f555778bcca0fee94e6b673d99431ec704b0bcb1526cda4e38037f4464
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f443a34f019986fc0949e5f4993c6f400337ba74f296ece6fc7e667fd411f92c
f55dc50f6554bf0cc63a933da57b95bdf8468ed4f91667cf67554c3652c9c47d
f6661778f4f1de5f54428af65000d4aa388083b927b6d00e25f2558d86c867dd
f74dad533f65177fc4ac3d1382e9e9d465e5d7c5ff96a6999cf1d668590e3003
f906441399e595fd198f9584984a05fc861413a5e46bb855cac4097d5f7fc05a
f96ff5c085cc5430ec69c67418f7fde356974d05a8216ea1bdf6cf5974eb169b
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
fa42c00f4e7bda83e89b338ec4aa0d511f6c0148264743615cca2477357dd08b
fad9001ba06bc6c3b2f88382c76a06b95dbdb13c2e6360b5217a6f9a3b73d5c6
fbb016406b76787a1cf802efad8a177c0ead551a5c498df305a5d4283b2a3eea
fcbe14a8ddb57fc5916dcbce7a41954412ed2559c2696f9be3538b77e108c672
fdf0f9f79328af0153431890c9eb2dc5eb5f778ed7d6f673fb206a9b45dfec36
fe41f351e5df8307d5a944c96a807067a3d1d8a82af0adde0994796f9713a5b1
ff8595413cb6b638ef484a7e048468e78df087088a9b6c111d6e527b5c5d8587

www.moneydj.com Open in urlscan Pro 210.66.210.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

612 Requests

98 %HTTPS

48 %IPv6

45 Domains

83 Subdomains

72 IPs

10 Countries

5375 kBTransfer

13308 kBSize

0 Cookies

30 Outgoing links

Redirected requests

612 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.moneydj.com Open in urlscan Pro
210.66.210.14 Public Scan

Screenshot
Live screenshot

Full Image

612
Requests

98 %
HTTPS

48 %
IPv6

45
Domains

83
Subdomains

72
IPs

10
Countries

5375 kB
Transfer

13308 kB
Size

0
Cookies

612 HTTP transactions
3 data transactions