25penny.com Open in urlscan Pro
167.71.225.251 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.netbanklogin.com/
Effective URL:
https://25penny.com/
Submission: On September 12 via automatic, source certstream-suspicious (September 12th 2021, 7:28:35 am UTC) — Scanned from DE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 35 HTTP transactions. The main IP is 167.71.225.251, located in Bengaluru, India and belongs to DIGITALOCEAN-ASN, US. The main domain is 25penny.com.
TLS certificate: Issued by R3 on September 12th 2021. Valid for: 3 months.

This is the only time 25penny.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	143.110.178.81 143.110.178.81	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	167.71.225.251 167.71.225.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	173.194.76.132 173.194.76.132	15169 (GOOGLE) (GOOGLE)
2	74.125.206.154 74.125.206.154	15169 (GOOGLE) (GOOGLE)
1	74.125.71.155 74.125.71.155	15169 (GOOGLE) (GOOGLE)
2	173.194.76.94 173.194.76.94	15169 (GOOGLE) (GOOGLE)
1	74.125.206.97 74.125.206.97	15169 (GOOGLE) (GOOGLE)
1	108.177.15.113 108.177.15.113	15169 (GOOGLE) (GOOGLE)
2	66.102.1.155 66.102.1.155	15169 (GOOGLE) (GOOGLE)
1	108.177.15.95 108.177.15.95	15169 (GOOGLE) (GOOGLE)
1 6	172.253.120.132 172.253.120.132	15169 (GOOGLE) (GOOGLE)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
2 2	66.102.1.148 66.102.1.148	15169 (GOOGLE) (GOOGLE)
1	172.67.177.215 172.67.177.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.71.100 74.125.71.100	15169 (GOOGLE) (GOOGLE)
3	173.194.76.138 173.194.76.138	15169 (GOOGLE) (GOOGLE)
2	64.233.184.101 64.233.184.101	15169 (GOOGLE) (GOOGLE)
1	74.125.133.94 74.125.133.94	15169 (GOOGLE) (GOOGLE)
35	17

1 143.110.178.81 (Bengaluru, India) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.netbanklogin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.225.251 (Bengaluru, India)

ASN14061 (DIGITALOCEAN-ASN, US)

25penny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 173.194.76.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.206.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f155.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.94 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f94.1e100.net

d-22226715832850523652.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.113 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.120.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wd-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.102.1.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: wb-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.177.215 (United States)

ASN13335 (CLOUDFLARENET, US)

metrics.getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.100 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f100.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.76.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f138.1e100.net

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.184.101 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f101.1e100.net

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ampproject.org cdn.ampproject.org	181 KB
8	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	200 KB
8	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	72 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net ad.doubleclick.net	31 KB
1	getrockerbox.com metrics.getrockerbox.com	682 B
1	googletagservices.com www.googletagservices.com	38 KB
1	googleapis.com fonts.googleapis.com	1017 B
1	google-analytics.com www.google-analytics.com	417 B
1	googletagmanager.com www.googletagmanager.com	916 B
1	ampproject.net d-22226715832850523652.ampproject.net
1	google.com adservice.google.com	593 B
1	25penny.com 25penny.com	10 KB
1	netbanklogin.com 1 redirects www.netbanklogin.com	127 B
35	13

	Domain	Requested by
10	cdn.ampproject.org	25penny.com cdn.ampproject.org
6	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	googleads.g.doubleclick.net	cdn.ampproject.org googleads.g.doubleclick.net
2	pagead2.googlesyndication.com	cdn.ampproject.org googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	metrics.getrockerbox.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	www.google-analytics.com
1	www.googletagmanager.com	cdn.ampproject.org
1	d-22226715832850523652.ampproject.net	cdn.ampproject.org
1	adservice.google.com	cdn.ampproject.org
1	25penny.com
1	www.netbanklogin.com	1 redirects
35	19

This site contains no links.

Subject Issuer	Validity	Valid
25penny.com R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-01` - `2022-06-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://25penny.com/
Frame ID: 000184C54184FBD1CAFA9D8586EFFEF8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9656474231278353&format=1600x250&w=1600&h=250&ptt=12&adk=3565429973&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-17204493421742110968&dff=Arial%2C%20Helvetica%2C%20sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1768085743&adf=78667485&nhd=0&adx=0&ady=1272&oid=2&is_amp=5&amp_v=2108280007001&d_imp=1&c=159002806&ga_cid=amp-w15mo9rNmfbGItmhPsJuxQ&ga_hid=2806&dt=1631431711609&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2F25penny.com%2F&bdt=530&dtd=2&__amp_source_origin=https%3A%2F%2F25penny.com
Frame ID: 9BC9EEEC3F93A7BCF1CD26E5A7D788D9
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Frame ID: 8698744D0BD5C79FBA4B2DB4A0470347
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

25Penny -

Page URL History Show full URLs

https://www.netbanklogin.com/ HTTP 301
https://25penny.com/ Page URL

Detected technologies

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

35
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

19
Subdomains

17
IPs

2
Countries

535 kB
Transfer

1226 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.netbanklogin.com/ HTTP 301
https://25penny.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://ad.doubleclick.net/ddm/trackimp/N737016.1943701GDN/B26104877.310776318;dc_trk_aid=503355083;dc_trk_cid=155704028;ord=3946762748;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?https://metrics.getrockerbox.com/track/gdn?source=1-800-flowers&tier_one=gdn&tier_two=77337200580 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N737016.1943701GDN/B26104877.310776318;dc_pre=CLapzd30-PICFQGcJwId2hEJWg;dc_trk_aid=503355083;dc_trk_cid=155704028;ord=3946762748;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?https://metrics.getrockerbox.com/track/gdn?source=1-800-flowers&tier_one=gdn&tier_two=77337200580 HTTP 302
https://metrics.getrockerbox.com/track/gdn?source=1-800-flowers&tier_one=gdn&tier_two=77337200580

Request Chain 32

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP88z-mwEQuAgYuAgyCGeLu6NlPDef HTTP 301
https://tpc.googlesyndication.com/simgad/1397719133498438707

35 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
25penny.com/
Redirect Chain

https://www.netbanklogin.com/
https://25penny.com/

38 KB
10 KB

451ms
139ms

Document
text/html

167.71.225.251
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://25penny.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.71.225.251 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 5b4d4e61d9c07f031cc4ea7081072f883f5855aca458a2ee0c4325b9ae383785

Request headers

:method: GET
:authority: 25penny.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 12 Sep 2021 07:28:31 GMT
server: Apache
cache-control: no-cache max-age=600
content-encoding: gzip
wpo-cache-status: cached
last-modified: Sat, 11 Sep 2021 16:18:05 GMT
expires: Sun, 12 Sep 2021 07:38:31 GMT
content-type: text/html; charset=UTF-8

Redirect headers

date: Sun, 12 Sep 2021 07:28:30 GMT
server: Apache
location: https://25penny.com/
cache-control: max-age=600
expires: Sun, 12 Sep 2021 07:38:30 GMT
content-length: 228
content-type: text/html; charset=iso-8859-1

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 213 KB
62 KB 51ms
15ms Script
text/javascript 173.194.76.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: 25penny.com
URL: https://25penny.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f132.1e100.net

Software

sffe /

Resource Hash

29373884c302e86fecf481f2ee85e06f74b22142f52d3d57a0af7c6f3723f2a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25penny.com/
Origin: https://25penny.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62746
x-xss-protection: 0
server: sffe
date: Sun, 12 Sep 2021 07:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "7073fd7ddaf6422d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Sep 2021 07:28:31 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/v0/ 89 KB
28 KB 78ms
42ms Script
text/javascript 173.194.76.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.mjs

Requested by

Host: 25penny.com
URL: https://25penny.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f132.1e100.net

Software

sffe /

Resource Hash

054ed0bf65d959386ef10c655884f049d248dde6d420dc4c3f17b5836bc8b6ed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25penny.com/
Origin: https://25penny.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28503
x-xss-protection: 0
server: sffe
date: Sun, 12 Sep 2021 07:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "5aa1470e1bf83721"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Sep 2021 07:28:31 GMT

GET
H2 200 amp-auto-ads-0.1.mjs Show response
cdn.ampproject.org/v0/ 17 KB
6 KB 65ms
29ms Script
text/javascript 173.194.76.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.mjs

Requested by

Host: 25penny.com
URL: https://25penny.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f132.1e100.net

Software

sffe /

Resource Hash

3d514766b96911e64eb734d7b4b347ae49486ca4cd51e7d5a3478ef5f2e223d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25penny.com/
Origin: https://25penny.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: sffe
date: Sun, 12 Sep 2021 07:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "0ad9b3dfaf47970d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Sep 2021 07:28:31 GMT

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012108280007001/v0/ 6 KB
3 KB 14ms
13ms Script
text/javascript 173.194.76.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108280007001/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f132.1e100.net

Software

sffe /

Resource Hash

a6b1e41799ba2e0c9c6197ef6b8588a007e40f17281a0624dc35414c03df7d46

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25penny.com/
Origin: https://25penny.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 373652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2781
x-xss-protection: 0
server: sffe
date: Tue, 07 Sep 2021 23:40:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "792949275a813720"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 23:40:59 GMT

GET
H2 200 amp-ad-0.1.mjs Show response
cdn.ampproject.org/rtv/012108280007001/v0/ 67 KB
19 KB 14ms
14ms Script
text/javascript 173.194.76.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108280007001/v0/amp-ad-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f132.1e100.net

Software

sffe /

Resource Hash

c109d0d85fa3f6495d14d6075da981a157f3eabec1e651425687ac6d63e33037

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25penny.com/
Origin: https://25penny.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 373653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19674
x-xss-protection: 0
server: sffe
date: Tue, 07 Sep 2021 23:40:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "921c8c73efa2482b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 23:40:58 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 1 KB
850 B 83ms
25ms Fetch
application/json 74.125.206.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-9656474231278353&plah=25penny.com&ama_t=amp&url=https%3A%2F%2F25penny.com%2F&__amp_source_origin=https%3A%2F%2F25penny.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f154.1e100.net

Software

cafe /

Resource Hash

0dc7647d8c43021971fcdd5925394654bc415b70a33e8beb9effb3b4a3517c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://25penny.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Sep 2021 07:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 409
x-xss-protection: 0

GET
H3 200 amp-sticky-ad-1.0.mjs Show response
cdn.ampproject.org/rtv/012108280007001/v0/ 34 KB
9 KB 14ms
14ms Script
text/javascript 173.194.76.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108280007001/v0/amp-sticky-ad-1.0.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f132.1e100.net

Software

sffe /

Resource Hash

6f5211dbcbe45362fde18de18d778a662aacee6d3c77e2b832371e1ed973ad3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25penny.com/
Origin: https://25penny.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 103307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8914
x-xss-protection: 0
server: sffe
date: Sat, 11 Sep 2021 02:46:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "140e51de9b9ab209"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 02:46:44 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.mjs Show response
cdn.ampproject.org/rtv/012108280007001/v0/ 182 KB
49 KB 14ms
13ms Script
text/javascript 173.194.76.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108280007001/v0/amp-ad-network-adsense-impl-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f132.1e100.net

Software

sffe /

Resource Hash

c3ed6a24ee6cb46deacefad2ad5420ff396a9897efd111039098b5bb2027006e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25penny.com/
Origin: https://25penny.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 373375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50317
x-xss-protection: 0
server: sffe
date: Tue, 07 Sep 2021 23:45:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "10de105f44ba080d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 23:45:36 GMT

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012108280007001/v0/analytics-vendors/ 2 KB
929 B 14ms
14ms Fetch
application/json 173.194.76.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108280007001/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f132.1e100.net

Software

sffe /

Resource Hash

a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://25penny.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 93039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 901
x-xss-protection: 0
server: sffe
date: Sat, 11 Sep 2021 05:37:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b71622904d6d61af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 05:37:52 GMT

GET
H3 200 amp-ad-verifying-keyset.json Show response
cdn.ampproject.org/ 419 B
442 B 14ms
13ms Fetch
application/jwk-set+json 173.194.76.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp-ad-verifying-keyset.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f132.1e100.net

Software

sffe /

Resource Hash

622221d4b92040a92cac29d6aaa27b1602fd92b28997885b56cad5e529e07731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://25penny.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:00:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 May 2017 15:06:13 GMT
server: sffe
age: 1683
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/jwk-set+json
access-control-allow-origin: *
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
x-xss-protection: 0
expires: Sun, 12 Sep 2021 07:50:28 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
593 B 51ms
16ms Fetch
application/json 74.125.71.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=25penny.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f155.1e100.net

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://25penny.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Sep 2021 07:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin: https://25penny.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0

GET
H2 200 nameframe.html
d-22226715832850523652.ampproject.net/2108280007001/ 0
0 65ms
17ms Other
text/html 173.194.76.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-22226715832850523652.ampproject.net/2108280007001/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f94.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://25penny.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H3 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012108280007001/v0/ 14 KB
4 KB 14ms
14ms Script
text/javascript 173.194.76.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108280007001/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f132.1e100.net

Software

sffe /

Resource Hash

87405e6c7c88879efb170170f1146d3d9ac4540b725a510bb08af48870c11647

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25penny.com/
Origin: https://25penny.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 373652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3695
x-xss-protection: 0
server: sffe
date: Tue, 07 Sep 2021 23:40:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "45a186fff8f0ce45"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 23:40:59 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 858 B
916 B 51ms
16ms Fetch
application/json 74.125.206.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2F25penny.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ed97bdcc1bd15aa41c13cc0606c99168587a0373b4e63179b84550fafbda706c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://25penny.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Sun, 12 Sep 2021 07:28:31 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 374
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://25penny.com
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://25penny.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
417 B 72ms
23ms Image
image/gif 108.177.15.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=25Penny%20-&sr=1600x1200&cid=amp-w15mo9rNmfbGItmhPsJuxQ&tid=UA-33453037-9&dl=https%3A%2F%2F25penny.com%2F&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.716987437988535&gjid=0.7918592671581677&_r=1&a=2806&z=0.11762444821880891&gtm=2pu000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://25penny.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Sep 2021 07:28:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9BC9 107 KB
30 KB 795ms
757ms Document
text/html 66.102.1.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9656474231278353&format=1600x250&w=1600&h=250&ptt=12&adk=3565429973&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-17204493421742110968&dff=Arial%2C%20Helvetica%2C%20sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1768085743&adf=78667485&nhd=0&adx=0&ady=1272&oid=2&is_amp=5&amp_v=2108280007001&d_imp=1&c=159002806&ga_cid=amp-w15mo9rNmfbGItmhPsJuxQ&ga_hid=2806&dt=1631431711609&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2F25penny.com%2F&bdt=530&dtd=2&__amp_source_origin=https%3A%2F%2F25penny.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108280007001/v0/amp-ad-0.1.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f155.1e100.net

Software

cafe /

Resource Hash

5403f0a71aa3eca819d7ab4965eca1bff004596837e8e23defc52c9a22f48add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9656474231278353&format=1600x250&w=1600&h=250&ptt=12&adk=3565429973&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-17204493421742110968&dff=Arial%2C%20Helvetica%2C%20sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1768085743&adf=78667485&nhd=0&adx=0&ady=1272&oid=2&is_amp=5&amp_v=2108280007001&d_imp=1&c=159002806&ga_cid=amp-w15mo9rNmfbGItmhPsJuxQ&ga_hid=2806&dt=1631431711609&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2F25penny.com%2F&bdt=530&dtd=2&__amp_source_origin=https%3A%2F%2F25penny.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://25penny.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://25penny.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 12 Sep 2021 07:28:32 GMT
server: cafe
content-length: 30294
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 12-Sep-2021 07:43:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 12 Sep 2021 07:28:32 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame 9BC9 2 KB
1017 B 85ms
32ms Stylesheet
text/css 108.177.15.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9656474231278353&format=1600x250&w=1600&h=250&ptt=12&adk=3565429973&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-17204493421742110968&dff=Arial%2C%20Helvetica%2C%20sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1768085743&adf=78667485&nhd=0&adx=0&ady=1272&oid=2&is_amp=5&amp_v=2108280007001&d_imp=1&c=159002806&ga_cid=amp-w15mo9rNmfbGItmhPsJuxQ&ga_hid=2806&dt=1631431711609&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2F25penny.com%2F&bdt=530&dtd=2&__amp_source_origin=https%3A%2F%2F25penny.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f95.1e100.net

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 05:50:51 GMT
server: ESF
date: Sun, 12 Sep 2021 07:28:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Sep 2021 07:28:32 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 9BC9 1 KB
937 B 68ms
28ms Script
text/javascript 172.253.120.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.120.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wd-in-f132.1e100.net

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 06:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Sep 2021 06:50:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame 9BC9 18 KB
8 KB 55ms
16ms Script
text/javascript 172.253.120.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.120.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wd-in-f132.1e100.net

Software

cafe /

Resource Hash

cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 06:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7641
x-xss-protection: 0
server: cafe
etag: 14368791910870210898
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Sep 2021 06:50:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 9BC9 2 KB
1 KB 68ms
29ms Script
text/javascript 172.253.120.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.120.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wd-in-f132.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 12:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Sep 2021 12:44:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BC9 125 KB
38 KB 56ms
17ms Script
text/javascript 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

sffe /

Resource Hash

1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:28:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273423644667"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38649
x-xss-protection: 0
expires: Sun, 12 Sep 2021 07:28:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 9BC9 14 KB
6 KB 57ms
18ms Script
text/javascript 172.253.120.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.120.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wd-in-f132.1e100.net

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 06:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Sep 2021 06:50:03 GMT

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 9BC9 26 KB
11 KB 70ms
23ms Script
text/javascript 173.194.76.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f94.1e100.net

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 00:31:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Dec 2021 03:44:20 GMT

GET
H2

200

gdn
metrics.getrockerbox.com/track/ Frame 9BC9
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N737016.1943701GDN/B26104877.310776318;dc_trk_aid=503355083;dc_trk_cid=155704028;ord=3946762748;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr...
https://ad.doubleclick.net/ddm/trackimp/N737016.1943701GDN/B26104877.310776318;dc_pre=CLapzd30-PICFQGcJwId2hEJWg;dc_trk_aid=503355083;dc_trk_cid=155704028;ord=3946762748;dc_lat=;dc_rdid=;tag_for_ch...
https://metrics.getrockerbox.com/track/gdn?source=1-800-flowers&tier_one=gdn&tier_two=77337200580

44 B
682 B

230ms
106ms

Image
image/gif

172.67.177.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metrics.getrockerbox.com/track/gdn?source=1-800-flowers&tier_one=gdn&tier_two=77337200580
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9656474231278353&format=1600x250&w=1600&h=250&ptt=12&adk=3565429973&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-17204493421742110968&dff=Arial%2C%20Helvetica%2C%20sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1768085743&adf=78667485&nhd=0&adx=0&ady=1272&oid=2&is_amp=5&amp_v=2108280007001&d_imp=1&c=159002806&ga_cid=amp-w15mo9rNmfbGItmhPsJuxQ&ga_hid=2806&dt=1631431711609&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2F25penny.com%2F&bdt=530&dtd=2&__amp_source_origin=https%3A%2F%2F25penny.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.177.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:28:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FB%2FsklYo0w8muGLqlW8e8p5%2FNi6ZmxP3k4T4LsfZZezoi64xu1mR4EJnMSA6EtQtHjP8FcIhVhq7XMIIHaMvtgeKReqEu59HyMyHjE3IRI7mqeKRuJf2F4Gsuf9Uj760Naoo9GJNSvMpuFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 68d76b6caa4f5bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 12 Sep 2021 07:28:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://metrics.getrockerbox.com/track/gdn?source=1-800-flowers&tier_one=gdn&tier_two=77337200580
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9BC9 0
21 B 34ms
19ms Image
text/html 66.102.1.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUsvlH6w9YY_CKrOG1fAP_ci2sA3i27CLZeLEwdTWDfCqgOyQAhABIInkuhxgyQagAeqXxOMDyAEJqAMByAPbBKoEtQFP0ATo5zDnm3FnibjoriVwzGSUo_7XI3oM5YYsm5v-n-DEJY4uxQgtw8tzg6esbtvobf9myj4dYHyHDcK8vTELrDYd-ZyeJictoThNotmUcfcLiTYxOF53L4BI96T7uVDQ5W43ihssO059qxXva6YYLjGsgPmWFdY8YNdm0nf3eHYWChMKf6VkTSz65ubpB1YJEZCmMiIQjhcIc61S91h460mDTdAGg-_qIwZJRZzG5NlKQwiIwATEj6CNoAKSBQQIBBgBkgUECAUYBKAGLoAH_ue7HKgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEN_IQtIIBwiAYRABGB-ACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItOTY1NjQ3NDIzMTI3ODM1MxgA&sigh=HACvs-_7W3I&template_id=494&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9656474231278353&format=1600x250&w=1600&h=250&ptt=12&adk=3565429973&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-17204493421742110968&dff=Arial%2C%20Helvetica%2C%20sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1768085743&adf=78667485&nhd=0&adx=0&ady=1272&oid=2&is_amp=5&amp_v=2108280007001&d_imp=1&c=159002806&ga_cid=amp-w15mo9rNmfbGItmhPsJuxQ&ga_hid=2806&dt=1631431711609&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2F25penny.com%2F&bdt=530&dtd=2&__amp_source_origin=https%3A%2F%2F25penny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 12 Sep 2021 07:28:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Sep 2021 07:28:32 GMT

GET
DATA 200
OK truncated
/ Frame 9BC9 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdf3e9463b2b465479ff7e9f9c016aa0712f7fdca2462ff0644f17ea60daa4dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9BC9 24 KB
24 KB 52ms
17ms Image
image/jpeg 74.125.71.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRo8pT7h8uK9o02389pEpVW6MdSiU5HnU3UvtzC9SJF7Jitsq4&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f100.1e100.net

Software

sffe /

Resource Hash

620620eeae8170eadee4d965c2e662ed18d807e0c7eab4c8be849d066ba414eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:28:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 02:43:08 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24305
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 12 Sep 2022 07:28:32 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9BC9 25 KB
25 KB 93ms
43ms Image
image/jpeg 173.194.76.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQV0rEzoasCb0nEZ1hIyAKLzxH1BsB65F3_ARQl47GOgJfSiEA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f138.1e100.net

Software

sffe /

Resource Hash

7e0de2196daa2ef874a9cbede454e0f7cc4f691368d98407a1e3be7610fe1bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:28:32 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 Feb 2021 17:50:35 GMT
server: sffe
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25719
x-xss-protection: 0
expires: Mon, 12 Sep 2022 07:28:32 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9BC9 32 KB
33 KB 68ms
17ms Image
image/jpeg 173.194.76.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSbxh04hK3zjpi2yr7ISoka0h7dUUrCt_iWZDr0gbgOfZbnw4Ai&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f138.1e100.net

Software

sffe /

Resource Hash

c4d9f41a072a510e94eb542c27e1b40508dca492225e16c914edf6ca09b73453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:28:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 03:07:18 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32960
x-xss-protection: 0
expires: Mon, 12 Sep 2022 07:28:32 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9BC9 30 KB
31 KB 50ms
15ms Image
image/jpeg 64.233.184.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT15Buoa9VJdzXNU4SsURXdeqD_0JV5AIgv8gsEsRgB240jzG4&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f101.1e100.net

Software

sffe /

Resource Hash

e3940e38f915fbfa1093d0cd564cc13bae1622b115904d814c213f2136758037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 15:31:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 08:56:01 GMT
server: sffe
age: 57416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30789
x-xss-protection: 0
expires: Sun, 11 Sep 2022 15:31:36 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9BC9 25 KB
25 KB 84ms
34ms Image
image/jpeg 173.194.76.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQfzAaNpt1VAOkPQ5ohYKw28iSrH9UjfhqYaEE_-QhGHIIuikY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f138.1e100.net

Software

sffe /

Resource Hash

b534fd3797d9b233cea531831ec3e893783d8974b01bbfb9a21086d2466ee4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:28:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Jul 2021 00:52:24 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25191
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 12 Sep 2022 07:28:32 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9BC9 30 KB
30 KB 66ms
31ms Image
image/jpeg 64.233.184.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTBss_wbD55IrIeRhX13rdBKw1pS2ZjyOHZ4-CujggZDm-yt89Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f101.1e100.net

Software

sffe /

Resource Hash

dd620c35fe7372c25611f074e2bee65da6794d98134de68dc20148ab44dc515b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:28:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 04:50:27 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30869
x-xss-protection: 0
expires: Mon, 12 Sep 2022 07:28:32 GMT

GET
H3

200

1397719133498438707
tpc.googlesyndication.com/simgad/ Frame 9BC9
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP88z-mwEQuAgYuAgyCGeLu6NlPDef
https://tpc.googlesyndication.com/simgad/1397719133498438707

42 KB
42 KB

74ms
74ms

Image
image/png

172.253.120.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1397719133498438707

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.120.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wd-in-f132.1e100.net

Software

sffe /

Resource Hash

6c19036879afa8786fe5eb7d92bdca9efe9793a098f1789a824dde6436ec1428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:28:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 19:43:37 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42876
x-xss-protection: 0
expires: Mon, 12 Sep 2022 07:28:32 GMT

Redirect headers

timing-allow-origin: *
date: Sun, 12 Sep 2021 07:28:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/1397719133498438707
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Oct 2021 07:28:32 GMT

GET
DATA 200
OK truncated
/ Frame 9BC9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f8660e81851d2bf65f91e1db702f40b83c6f2bff9d3bc9120888d246ee805f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 9BC9 20 KB
21 KB 50ms
15ms Font
font/woff2 74.125.133.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f94.1e100.net

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 20:40:00 GMT
x-content-type-options: nosniff
age: 211712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 20:40:00 GMT

GET
H3 200 63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8698 35 KB
13 KB 30ms
15ms Script
text/javascript 74.125.206.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.206.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f154.1e100.net

Software

sffe /

Resource Hash

eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 21:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 382653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13458
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 21:10:59 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.25penny.com/	1970-01-20 05:56:07	Name: _ga Value: amp-w15mo9rNmfbGItmhPsJuxQ
.doubleclick.net/	1970-01-20 14:41:43	Name: IDE Value: AHWqTUkEBNiGxlisrh1SrgoX14mw4-NESiMVPoWTUe5DIIwqIX2Crdq1PfTSrQut4Bk
.getrockerbox.com/	1970-01-19 21:53:43	Name: uuid Value: rbcr-8a273c4d-dca8-4b9a-9a5b-642741cf02ef

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25penny.com
ad.doubleclick.net
adservice.google.com
cdn.ampproject.org
d-22226715832850523652.ampproject.net
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
metrics.getrockerbox.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.netbanklogin.com
108.177.15.113
108.177.15.95
143.110.178.81
167.71.225.251
172.253.120.132
172.67.177.215
173.194.76.132
173.194.76.138
173.194.76.94
64.233.184.101
66.102.1.148
66.102.1.155
74.125.133.157
74.125.133.94
74.125.206.154
74.125.206.97
74.125.71.100
74.125.71.155
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
054ed0bf65d959386ef10c655884f049d248dde6d420dc4c3f17b5836bc8b6ed
0dc7647d8c43021971fcdd5925394654bc415b70a33e8beb9effb3b4a3517c04
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
29373884c302e86fecf481f2ee85e06f74b22142f52d3d57a0af7c6f3723f2a0
3d514766b96911e64eb734d7b4b347ae49486ca4cd51e7d5a3478ef5f2e223d4
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
5403f0a71aa3eca819d7ab4965eca1bff004596837e8e23defc52c9a22f48add
5b4d4e61d9c07f031cc4ea7081072f883f5855aca458a2ee0c4325b9ae383785
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5f8660e81851d2bf65f91e1db702f40b83c6f2bff9d3bc9120888d246ee805f4
620620eeae8170eadee4d965c2e662ed18d807e0c7eab4c8be849d066ba414eb
622221d4b92040a92cac29d6aaa27b1602fd92b28997885b56cad5e529e07731
6c19036879afa8786fe5eb7d92bdca9efe9793a098f1789a824dde6436ec1428
6f5211dbcbe45362fde18de18d778a662aacee6d3c77e2b832371e1ed973ad3b
7e0de2196daa2ef874a9cbede454e0f7cc4f691368d98407a1e3be7610fe1bb8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87405e6c7c88879efb170170f1146d3d9ac4540b725a510bb08af48870c11647
a6b1e41799ba2e0c9c6197ef6b8588a007e40f17281a0624dc35414c03df7d46
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
b534fd3797d9b233cea531831ec3e893783d8974b01bbfb9a21086d2466ee4a2
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
c109d0d85fa3f6495d14d6075da981a157f3eabec1e651425687ac6d63e33037
c3ed6a24ee6cb46deacefad2ad5420ff396a9897efd111039098b5bb2027006e
c4d9f41a072a510e94eb542c27e1b40508dca492225e16c914edf6ca09b73453
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
dd620c35fe7372c25611f074e2bee65da6794d98134de68dc20148ab44dc515b
e3940e38f915fbfa1093d0cd564cc13bae1622b115904d814c213f2136758037
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
ed97bdcc1bd15aa41c13cc0606c99168587a0373b4e63179b84550fafbda706c
fdf3e9463b2b465479ff7e9f9c016aa0712f7fdca2462ff0644f17ea60daa4dc

25penny.com Open in urlscan Pro 167.71.225.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

0 %IPv6

13 Domains

19 Subdomains

17 IPs

2 Countries

535 kBTransfer

1226 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

25penny.com Open in urlscan Pro
167.71.225.251 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

19
Subdomains

17
IPs

2
Countries

535 kB
Transfer

1226 kB
Size

3
Cookies

35 HTTP transactions
2 data transactions